
Session Help


Drag00n


Basically, I downloaded this source code and tried adding my own session handling so that logged-in users don't have to type a nick. However, it's not working.

$_SESSION['username'] stores the logged-in person's name.

 

 

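<?php
// NOTE(review): if config.php is the script that calls session_save_path() and
// then session_start(), starting the session here first means that save path is
// never applied, and values such as $_SESSION['username'] written under the
// other path will look missing. Confirm which file owns session start-up.
session_start();
include 'config.php';

// Handle a posted chat line: store the message under the logged-in user's name.
if (isset($_POST['submit']))
{
    // NOTE(review): the database credentials are hard-coded here and again in
    // the message list further down; keep them in a single config file outside
    // the web root, and rotate any credential that has been pasted publicly.
    $con = mysql_connect("localhost","monsters_ck","6789king");
    if (!$con)
    {
        die('Could not connect: ' . mysql_error());
    }

    mysql_select_db("monsters_ck", $con);

    // Missing keys become empty strings instead of raising undefined-index notices.
    $message = isset($_POST['message']) ? $_POST['message'] : '';
    // The sender comes from the session, never from the posted "sender" field,
    // so a client cannot post under someone else's name.
    $sender = isset($_SESSION['username']) ? $_SESSION['username'] : '';

    // Both values end up inside quoted SQL literals, so escape them for this
    // connection first; the raw strings were previously interpolated directly,
    // which allowed SQL injection through the message text.
    $messageSql = mysql_real_escape_string($message, $con);
    $senderSql = mysql_real_escape_string($sender, $con);
    mysql_query("INSERT INTO message(message, sender)VALUES('$messageSql', '$senderSql')", $con);
}

?>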
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Simple Chat</title>
<script language="javascript" src="jquery-1.2.6.min.js"></script>
<script language="javascript" src="jquery.timers-1.0.0.js"></script>
<script type="text/javascript">

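// Chat page behaviour: poll the server for the message list once a second and
// wire up the AJAX post button.
$(document).ready(function () {
    // Release the global `$` and use `j` as the jQuery alias from here on.
    var j = jQuery.noConflict();

    // Refresh the message pane every 1000 ms (everyTime comes from jquery.timers).
    j(".refresh").everyTime(1000, function (i) {
        j.ajax({
            url: "Chat/refresh.php",
            cache: false,
            success: function (html) {
                // NOTE(review): the response is inserted as markup, so
                // Chat/refresh.php has to HTML-escape sender and message text
                // before returning it; confirm in that script.
                j(".refresh").html(html);
            }
        });
    });

    j('#post_button').click(function () {
        // Use `j` here: after noConflict() the global `$` is no longer jQuery.
        // NOTE(review): no element with id "post_text" appears in this page's
        // form (the message input has id "textb"); confirm the intended field.
        var text = j('#post_text').val();
        j.ajax({
            type: "POST",
            cache: false,
            url: "Chat/save.php",
            // Object form lets jQuery URL-encode the value, so "&" or "=" in a
            // message cannot add or change request parameters.
            data: { text: text },
            success: function (data) {
                alert('data has been stored to database');
            }
        });
    });

    j('.refresh').css({color: "green"});
});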
</script>
<style type="text/css">
/* Scrollable, fixed-size pane that holds the chat messages; the page script
   replaces its contents on every refresh. */
.refresh {
border: 1px solid #3366FF;
border-left: 4px solid #3366FF;
color: green;
font-family: tahoma;
font-size: 12px;
height: 225px;
overflow: auto;
width: 400px;
padding:10px;
background-color:#FFFFFF;
}
/* Submit button; the negative left margin pulls it over the end of the
   message input. */
#post_button{
border: 1px solid #3366FF;
background-color:#3366FF;
width: 100px;
color:#FFFFFF;
font-weight: bold;
margin-left: -105px; padding-top: 4px; padding-bottom: 4px;
cursor:pointer;
}
/* Message input. width is declared twice in this rule; the later 415px wins. */
#textb{
border: 1px solid #3366FF;
border-left: 4px solid #3366FF;
width: 320px;
margin-top: 10px; padding-top: 5px; padding-bottom: 5px; padding-left: 5px; width: 415px;
}
/* Sender-name input shown above the message pane. */
#texta{
border: 1px solid #3366FF;
border-left: 4px solid #3366FF;
width: 410px;
margin-bottom: 10px;
padding:5px;
}
/* Element selector: applies to every <p> on the page, i.e. each message row. */
p{
border-top: 1px solid #EEEEEE;
margin-top: 0px; margin-bottom: 5px; padding-top: 5px;
}
/* Element selector: applies to every <span> on the page, i.e. the sender name
   in each message row. */
span{
font-weight: bold;
color: #3B5998;
}
</style>
</head>
<body>
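<form method="POST" name="" action="">
<?php
// The sender box is display-only: the insert handler at the top of this page
// takes the name from the session, not from this field. The value is escaped
// for the attribute context and falls back to empty when $uid is not set.
?>
<input name="sender" type="text" id="texta" value="<?php echo htmlspecialchars(isset($uid) ? (string) $uid : '', ENT_QUOTES, 'UTF-8'); ?>"/>
<div class="refresh">
<?php
// Render the stored chat messages, newest first.
// NOTE(review): the database credentials are hard-coded here as well as in the
// insert handler; keep them in a single config file outside the web root.
$con = mysql_connect("localhost","monsters_ck","6789king");
if (!$con)
{
    die('Could not connect: ' . mysql_error());
}

mysql_select_db("monsters_ck", $con);

$result = mysql_query("SELECT * FROM message ORDER BY id DESC", $con);

// mysql_query() returns false on failure; skip the loop rather than passing
// false to mysql_fetch_array().
if ($result)
{
    while ($row = mysql_fetch_array($result))
    {
        // sender and message are user-supplied text read back from the
        // database; escape them so stored markup is displayed as text instead
        // of running in every reader's browser (stored XSS).
        $safeSender = htmlspecialchars($row['sender'], ENT_QUOTES, 'UTF-8');
        $safeMessage = htmlspecialchars($row['message'], ENT_QUOTES, 'UTF-8');
        echo '<p>'.'<span>'.$safeSender.'</span>'. '  ' . $safeMessage.'</p>';
    }
}

mysql_close($con);
?>

</div>
<input name="message" type="text" id="textb"/>
<input name="submit" type="submit" value="Chat" id="post_button" />
</form>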
</body>
</html>

Edited by PFMaBiSmAd
added code tags

<?php

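// Start the session from the application's own save path, unless the including
// script has already started one. The calls used to be wrapped in "@", which
// hid the case where a page calls session_start() before including this file:
// the session then comes from the default save path and values such as
// $_SESSION['username'] written under the other path appear to be missing.
// NOTE(review): the save-path directory holds every user's session file; it
// should be outside the web root and readable only by the PHP user. Confirm.
if (session_id() === '') {
    session_save_path("/home/pokemons/tmp");
    session_start();
}

/******************************************************
------------------Required Configuration---------------
Please edit the following variables so the members area
can work correctly.
******************************************************/

// Maintenance gate, currently disabled: the die() is commented out, so this
// condition has no effect for admins or anyone else.
if (!isset($_SESSION['admin']) || $_SESSION['admin'] != 1) {
//die('We are updating PokemonSoulless RPG Please Stand By.');
}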


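// Connect to the database and select the schema.
// "@" is kept on the connect call so a failure warning (which names the DB
// user and host) is never printed to visitors; the cause goes to the server
// error log instead, and the page shows only a generic message.
// NOTE(review): the credentials are hard-coded in this file; load them from a
// file outside the web root and rotate any value that has been posted publicly.
$connection = @mysql_pconnect('localhost', 'pokemons_rpg', 'pUxA6HuS6E6RU2e');

// Only try to select the schema when the connection itself succeeded.
$dbSelected = $connection ? mysql_select_db('pokemons_rpg', $connection) : false;

if (!$connection || !$dbSelected) {
    // Previously the failure was silent on the server side as well, which left
    // nothing to diagnose from.
    error_log('Database start-up failed: ' . mysql_error());
    include '_header.php';
    echo '<div class="error">Error connecting to the database!</div>';
    include '_footer.php';
    die();
}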

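// Webmaster e-mail address.
$mail_webmaster = 'example@example.com';

// Top site root URL (with trailing slash). The forum's auto-linking had wrapped
// this literal in [url] markup, which is not valid PHP; restored to a plain string.
$url_root = 'http://www.example.com/';

// Name stored as the site admin.
// NOTE(review): how $admin is used is not visible here; if access decisions
// compare it with a username, confirm that usernames are unique and cannot be
// changed by their owners.
$admin='danchy13';
/******************************************************
-----------------Optional Configuration----------------
******************************************************/

// Home page file name.
$url_home = 'membersarea.php';

// Design (theme) name.
$design = 'default';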


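// File name of the script being served, e.g. "battle.php".
// basename() replaces end(explode('/', ...)): end() takes its argument by
// reference, so handing it a function result raises a notice on every request.
$filename = basename($_SERVER["SCRIPT_NAME"]);

// Battle state is kept only while the user stays on battle.php; any other
// script drops it from the session.
if ($filename !== 'battle.php') {
    unset($_SESSION['battle']);
}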

// For a signed-in user, stamp the current time into users.lastseen.
// $uid and $time are integers by construction, so the interpolated query
// carries no user-controlled text.
if (isset($_SESSION['userid'])) {
    $time = time();
    $uid = intval($_SESSION['userid']);
    // NOTE(review): this casts the username to an integer and the result is not
    // used in this block; confirm whether other scripts rely on $id.
    $id = intval($_SESSION['username']);
    mysql_query(
        "UPDATE `users` SET `lastseen`='{$time}' WHERE `id`='{$uid}' LIMIT 1"
    );
}


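// Log requests whose query string contains UNION, SELECT or SCRIPT.
// This is detection only: the request is not blocked, POST bodies and cookies
// are not inspected, and keyword matching is easy to get around, so it does not
// replace escaping or parameterised queries at each query site.
if (
    isset($_SERVER['QUERY_STRING']) && (
        stripos($_SERVER['QUERY_STRING'], 'UNION') !== false ||
        stripos($_SERVER['QUERY_STRING'], 'SELECT') !== false ||
        stripos($_SERVER['QUERY_STRING'], 'SCRIPT') !== false
    )
) {
    // One timestamped entry per line; entries were previously written without
    // a line break and ran together, which made the log hard to use.
    $entry = date('c') . ' ' . $_SERVER['REMOTE_ADDR'] . ' ' . $_SERVER['SCRIPT_NAME'] . ' ' . $_SERVER['QUERY_STRING'] . PHP_EOL;

    // A log that cannot be written no longer ends the request with a blank
    // page; the failure is reported to the server error log instead.
    // NOTE(review): the relative path resolves against the working directory,
    // which is presumably inside the web root; confirm the file cannot be
    // fetched over HTTP, and treat its contents as untrusted when viewing it.
    if (@file_put_contents('sqli_attempts.txt', $entry, FILE_APPEND | LOCK_EX) === false) {
        error_log('Could not write to sqli_attempts.txt');
    }
}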





if (!function_exists('stripslashes_deep')) {
    /**
     * Strip backslash escaping from a value.
     *
     * Arrays are walked recursively, so every element at any depth is
     * processed; any other value is passed to stripslashes().
     *
     * @param mixed $value A string or a (nested) array of strings.
     * @return mixed The value with the same shape and the escaping removed.
     */
    function stripslashes_deep($value) {
        if (is_array($value)) {
            return array_map('stripslashes_deep', $value);
        }

        return stripslashes($value);
    }
}

// Undo magic-quotes escaping so request data holds what the client sent.
// After this runs nothing in $_GET or $_POST is escaped, so every SQL statement
// built from them has to escape or bind its values itself.
if (get_magic_quotes_gpc()) {
    $_GET  = array_map('stripslashes_deep', $_GET);
    $_POST = array_map('stripslashes_deep', $_POST);
}

?>

Edited by PFMaBiSmAd
added code tags
