lmcgr44 Posted February 10, 2011 Share Posted February 10, 2011 hello i am makeing a forum and to post a new thread it has to check if the user is logged in, so i log into my website and i go to the post new topic but it says im not logged in here is the new_topic.php and also the login.php new_topic.php <?php session_start(); include_once "../scripts/connect_to_mysql.php"; // Connect to the database // Check to see if the user is logged in with session variables if (!isset($_SESSION['userpass']) || $_SESSION['userpass'] == "") { echo "Please log in..."; exit(); } else { // Assume they are a member because they have a password session variable set // Check the database to be sure that their ID, password, and email session variables all match in the database $u_id = mysql_real_escape_string($_SESSION['id']); $u_name = mysql_real_escape_string($_SESSION['username']); $u_email = mysql_real_escape_string($_SESSION['useremail']); $u_pass = mysql_real_escape_string($_SESSION['userpass']); $sql = mysql_query("SELECT * FROM myMembers WHERE id='$u_id' AND username='$u_name' AND email='$u_email' AND password='$u_pass'"); $numRows = mysql_num_rows($sql); if ($numRows < 1) { echo "ERROR: You do not exist in the system."; exit(); } } //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// // Check to make sure the URL variables of "sid" and "title" are set if (!isset($_POST['forum_id']) || $_POST['forum_id'] == "" || !isset($_POST['forum_title']) || $_POST['forum_title'] == "") { echo "Important variables are missing"; exit(); } else { // Acquire the variables and proceed to show them a form for creating a new topic $forum_section_id = preg_replace('#[^0-9]#i', '', $_POST['forum_id']); $forum_section_title = preg_replace('#[^A-Za-z 0-9]#i', '', $_POST['forum_title']); } /////////////////////////////////////////////////////////////////////////////////////////////////// $sql = mysql_query("SELECT * FROM forum_sections WHERE id='$forum_section_id' AND title='$forum_section_title'"); $numRows = mysql_num_rows($sql); if ($numRows < 1) { echo "ERROR: That section deos not exist."; exit(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link href="style/style.css" rel="stylesheet" type="text/css" /> <title>Create New Topic</title> <script type="text/javascript" language="javascript"> <!-- function validateMyForm ( ) { var isValid = true; if ( document.form1.post_title.value == "" ) { alert ( "Please type in a title for this topic" ); isValid = false; } else if ( document.form1.post_title.value.length < 10 ) { alert ( "Your title must be at least 10 characters long" ); isValid = false; } else if ( document.form1.post_body.value == "" ) { alert ( "Please type in your topic body." ); isValid = false; } return isValid; } //--> </script> </head> <body> <?php include_once("template_header.php"); ?> <table style="background-color: #F0F0F0; border:#069 1px solid; border-top:none;" width="900" border="0" align="center" cellpadding="12" cellspacing="0"> <tr> <td width="731" valign="top"> <div id="breadcrumbs"><a href="http://www.webintersect.com">Web Intersect Home</a> ← <a href="http://www.webintersect.com/forum">Forum Home</a> ← <a href="section.php?id=<?php echo $forum_section_id; ?>"><?php echo $forum_section_title; ?></a></div> <h2>Creating New Topic In the <em><?php echo $forum_section_title; ?></em> Forum</h2> <form action="parse_post.php" method="post" name="form1"> <input name="post_type" type="hidden" value="a" /> Topic Author:<br /><input name="topic_author" type="text" disabled="disabled" maxlength="64" style="width:96%;" value="<?php echo $u_name; ?>" /> <br /><br /> Please type in a title for your topic here:<br /><input name="post_title" type="text" maxlength="64" style="width:96%;" /><br /><br /> Please type in your topic body:<br /><textarea name="post_body" rows="15" style="width:96%;"></textarea> <br /><br /><input name="" type="submit" value="Create my topic now!" onclick="javascript:return validateMyForm();"/> <input name="fsID" type="hidden" value="<?php echo $forum_section_id; ?>" /> <input name="fsTitle" type="hidden" value="<?php echo $forum_section_title; ?>" /> <input name="uid" type="hidden" value="<?php echo $_SESSION['id']; ?>" /> <input name="upass" type="hidden" value="<?php echo $_SESSION['userpass']; ?>" /> </form> </td> <td width="189" valign="top"><div style=" width:160px; height:600px; background-color: #999; color: #CCC; padding:12px;"> <br /> <br /> <br /> <h3>Ad Space or Whatever</h3> </div></td> </tr> </table> <?php include_once("template_footer.php"); ?> </body> </html> login.php <?php // Start Session to enable creating the session variables below when they log in session_start(); // Force script errors and warnings to show on page in case php.ini file is set to not display them error_reporting(E_ALL); ini_set('display_errors', '1'); //----------------------------------------------------------------------------------------------------------------------------------- // Initialize some vars $errorMsg = ''; $email = ''; $pass = ''; $remember = ''; if (isset($_POST['email'])) { $email = $_POST['email']; $pass = $_POST['pass']; if (isset($_POST['remember'])) { $remember = $_POST['remember']; } $email = stripslashes($email); $pass = stripslashes($pass); $email = strip_tags($email); $pass = strip_tags($pass); // error handling conditional checks go here if ((!$email) || (!$pass)) { $errorMsg = 'Please fill in both fields'; } else { // Error handling is complete so process the info if no errors include 'scripts/connect_to_mysql.php'; // Connect to the database $email = mysql_real_escape_string($email); // After we connect, we secure the string before adding to query //$pass = mysql_real_escape_string($pass); // After we connect, we secure the string before adding to query $pass = md5($pass); // Add MD5 Hash to the password variable they supplied after filtering it // Make the SQL query $sql = mysql_query("SELECT * FROM myMembers WHERE email='$email' AND password='$pass' AND email_activated='1'"); $login_check = mysql_num_rows($sql); // If login check number is greater than 0 (meaning they do exist and are activated) if($login_check > 0){ while($row = mysql_fetch_array($sql)){ // Pleae note: Adam removed all of the session_register() functions cuz they were deprecated and // he made the scripts to where they operate universally the same on all modern PHP versions(PHP 4.0 thru 5.3+) // Create session var for their raw id $id = $row["id"]; $_SESSION['id'] = $id; // Create the idx session var $_SESSION['idx'] = base64_encode("g4p3h9xfn8sq03hs2234$id"); // Create session var for their username $username = $row["username"]; $_SESSION['username'] = $username; mysql_query("UPDATE myMembers SET last_log_date=now() WHERE id='$id' LIMIT 1"); //die($username); } // close while // Remember Me Section if($remember == "yes"){ $encryptedID = base64_encode("g4enm2c0c4y3dn3727553$id"); setcookie("idCookie", $encryptedID, time()+60*60*24*100, "/"); // Cookie set to expire in about 30 days setcookie("passCookie", $pass, time()+60*60*24*100, "/"); // Cookie set to expire in about 30 days $_SESSION['username'] = $username; } // All good they are logged in, send them to homepage then exit script //die($_SESSION['username']); $_SESSION['username'] = $username; header("location: index.php?user=$username;"); exit(); } else { // Run this code if login_check is equal to 0 meaning they do not exist $errorMsg = "Incorrect login data, please try again"; } } // Close else after error checks } //Close if (isset ($_POST['uname'])){ ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="icon" href="favicon.ico" type="image/x-icon" /> <link rel="shortcut icon" href="favicon.ico" type="image/x-icon" /> <link href="style/main.css" rel="stylesheet" type="text/css" /> <script src="js/jquery-1.4.2.js" type="text/javascript"></script> <title>Log In</title> <style type="text/css"> <!-- body { margin-top: 0px; } --> </style></head> <body> <table width="400" align="center" cellpadding="6" style="background-color:#FFF; border:#666 1px solid;"> <form action="login.php" method="post" enctype="multipart/form-data" name="signinform" id="signinform"> <tr> <td width="23%"><font size="+2">Log In</font></td> <td width="77%"><font color="#FF0000"><?php print "$errorMsg"; ?></font></td> </tr> <tr> <td><strong>Email:</strong></td> <td><input name="email" type="text" id="email" style="width:60%;" /></td> </tr> <tr> <td><strong>Password:</strong></td> <td><input name="pass" type="password" id="pass" maxlength="24" style="width:60%;"/></td> </tr> <tr> <td align="right"> </td> <td><input name="remember" type="checkbox" id="remember" value="yes" checked="checked" /> Remember Me</td> </tr> <tr> <td> </td> <td><input name="myButton" type="submit" id="myButton" value="Sign In" /></td> </tr> <tr> <td> </td> <td> </td> </tr> <tr> <td colspan="2">Forgot your password? <a href="forgot_pass.php">Click Here</a> <br /></td> </tr> <tr> <td colspan="2">Need an Account? <a href="register.php">Click Here</a><br /> <br /></td> </tr> </form> </table> <br /> <br /> <br /> </body> </html> Link to comment https://forums.phpfreaks.com/topic/227265-sessions/ Share on other sites More sharing options...
BlueSkyIS Posted February 10, 2011 Share Posted February 10, 2011 i don't see where $_SESSION['userpass'] is ever set in login.php, therefore it is not set in any other pages. Link to comment https://forums.phpfreaks.com/topic/227265-sessions/#findComment-1172334 Share on other sites More sharing options...
lmcgr44 Posted February 10, 2011 Author Share Posted February 10, 2011 i don't see where $_SESSION['userpass'] is ever set in login.php, therefore it is not set in any other pages. would i change $_SESSION['userpass'] to $_SESSION['username'] ? Link to comment https://forums.phpfreaks.com/topic/227265-sessions/#findComment-1172336 Share on other sites More sharing options...
lmcgr44 Posted February 10, 2011 Author Share Posted February 10, 2011 i don't see where $_SESSION['userpass'] is ever set in login.php, therefore it is not set in any other pages. hey thanks, dont worry i worked it out Link to comment https://forums.phpfreaks.com/topic/227265-sessions/#findComment-1172342 Share on other sites More sharing options...
Scotty13 Posted August 11, 2012 Share Posted August 11, 2012 Hi, I?m following Adams tut and I?m stuck on the forum section. When I?m login and click on a topic in my forum, I get this response? ERROR: You do not exist in the system. I was wondering if ever got this response and if so, how did you fix it? I would appreciate anything you could do to help me. Thanks, Scotty13 Link to comment https://forums.phpfreaks.com/topic/227265-sessions/#findComment-1368654 Share on other sites More sharing options...
Pikachu2000 Posted August 11, 2012 Share Posted August 11, 2012 Start your own new thread, with a detailed description of your problem. Be sure to include your code, and links to the tutorials you're having problems with. Link to comment https://forums.phpfreaks.com/topic/227265-sessions/#findComment-1368678 Share on other sites More sharing options...
Recommended Posts