Motto Posted January 2, 2013 Share Posted January 2, 2013 I have a problem with my site. I did everything that is said in the tutorial and got nothing , I searched the forum replaced some data but still no result. I keep getting : "Your login session is not on record in the database" when i try to add a new record in the database. i can refresh the index.php in storeadmin but when i refresh the inventory_list.php it dosen't work or when i try to add / delete / edit a product. please help. this admin_login.php <?php // This file is www.developphp.com curriculum material // Written by Adam Khoury January 01, 2011 // http://www.youtube.com/view_play_list?p=442E340A42191003 session_start(); if (isset($_SESSION["manager"])) { header("location: index.php"); exit(); } ?> <?php // Parse the log in form if the user has filled it out and pressed "Log In" if (isset($_POST["username"]) && isset($_POST["password"])) {[/size][/font][/color] $manager = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["username"]); // filter everything but numbers and letters $password = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["password"]); // filter everything but numbers and letters // Connect to the MySQL database include "../storescripts/connect_to_mysql.php"; $sql = mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password' LIMIT 1"); // query the person // ------- MAKE SURE PERSON EXISTS IN DATABASE --------- $existCount = mysql_num_rows($sql); // count the row nums if ($existCount == 1) { // evaluate the count while($row = mysql_fetch_array($sql)){ $id = $row["id"]; } $_SESSION["id"] = $id; $_SESSION["manager"] = $manager; $_SESSION["password"] = $password; header("location: index.php"); exit(); } else { echo 'That information is incorrect, try again <a href="index.php">Click Here</a>'; exit(); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Admin Log In </title> <link rel="stylesheet" href="../style/style.css" type="text/css" media="screen" /> </head> <body> <div align="center" id="mainWrapper"> <?php include_once("../template_header.php");?> <div id="pageContent"><br /> <div align="left" style="margin-left:24px;"> <h2>Please Log In To Manage the Store</h2> <form id="form1" name="form1" method="post" action="admin_login.php"> User Name:<br /> <input name="username" type="text" id="username" size="40" /> <br /><br /> Password:<br /> <input name="password" type="password" id="password" size="40" /> <br /> <br /> <br /> <input type="submit" name="button" id="button" value="Log In" /> </form> <p> </p> </div> <br /> <br /> <br /> </div> <?php include_once("../template_footer.php");?> </div> </body> </html> this index.php <?php // This file is www.developphp.com curriculum material // Written by Adam Khoury January 01, 2011 // http://www.youtube.com/view_play_list?p=442E340A42191003 session_start(); if (!isset($_SESSION["manager"])) { header("location: admin_login.php"); exit(); } // Be sure to check that this manager SESSION value is in fact in the database $managerID = preg_replace('#[^0-9]#i', '', $_SESSION["id"]); // filter everything but numbers and letters $manager = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["manager"]); // filter everything but numbers and letters $password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]); // filter everything but numbers and letters // Run mySQL query to be sure that this person is an admin and that their password session var equals the database information // Connect to the MySQL database include "../storescripts/connect_to_mysql.php"; $sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1"); // query the person // ------- MAKE SURE PERSON EXISTS IN DATABASE --------- $existCount = mysql_num_rows($sql); // count the row nums if ($existCount == 0) { // evaluate the count echo "Your login session data is not on record in the database."; exit(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Store Admin Area</title> <link rel="stylesheet" href="../style/style.css" type="text/css" media="screen" /> </head>[/size][/font][/color] <body> <div align="center" id="mainWrapper"> <?php include_once("../template_header.php");?> <div id="pageContent"><br /> <div align="left" style="margin-left:24px;"> <h2>Hello store manager, what would you like to do today?</h2> <p><a href="inventory_list.php">Manage Inventory</a><br /> <a href="#">Manage Blah Blah </a></p> </div> <br /> <br /> <br /> </div> <?php include_once("../template_footer.php");?> </div> </body> </html> this inventory_list.php <?php // This file is www.developphp.com curriculum material // Written by Adam Khoury January 01, 2011 // http://www.youtube.com/view_play_list?p=442E340A42191003 session_start(); if (!isset($_SESSION["manager"])) { header("location: admin_login.php"); exit(); } // Be sure to check that this manager SESSION value is in fact in the database $managerID = preg_replace('#[^0-9]#i', '', $_SESSION["id"]); // filter everything but numbers and letters $manager = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["manager"]); // filter everything but numbers and letters $password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]); // filter everything but numbers and letters // Run mySQL query to be sure that this person is an admin and that their password session var equals the database information // Connect to the MySQL database include "../storescripts/connect_to_mysql.php"; $sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1"); // query the person // ------- MAKE SURE PERSON EXISTS IN DATABASE --------- $existCount = mysql_num_rows($sql); // count the row nums if ($existCount == 0) { // evaluate the count echo "Your login session data is not on record in the database."; exit(); } ?> <?php // Script Error Reporting error_reporting(E_ALL); ini_set('display_errors', '1'); ?> <?php // Delete Item Question to Admin, and Delete Product if they choose if (isset($_GET['deleteid'])) { echo 'Do you really want to delete product with ID of ' . $_GET['deleteid'] . '? <a href="inventory_list.php?yesdelete=' . $_GET['deleteid'] . '">Yes</a> | <a href="inventory_list.php">No</a>'; exit(); } if (isset($_GET['yesdelete'])) { // remove item from system and delete its picture // delete from database $id_to_delete = $_GET['yesdelete']; $sql = mysql_query("DELETE FROM products WHERE id='$id_to_delete' LIMIT 1") or die (mysql_error()); // unlink the image from server // Remove The Pic ------------------------------------------- $pictodelete = ("../inventory_images/$id_to_delete.jpg"); if (file_exists($pictodelete)) { unlink($pictodelete); } header("location: inventory_list.php"); exit(); } ?> <?php // Parse the form data and add inventory item to the system if (isset($_POST['product_name'])) { $product_name = mysql_real_escape_string($_POST['product_name']); $price = mysql_real_escape_string($_POST['price']); $category = mysql_real_escape_string($_POST['category']); $subcategory = mysql_real_escape_string($_POST['subcategory']); $details = mysql_real_escape_string($_POST['details']); // See if that product name is an identical match to another product in the system $sql = mysql_query("SELECT id FROM products WHERE product_name='$product_name' LIMIT 1"); $productMatch = mysql_num_rows($sql); // count the output amount if ($productMatch > 0) { echo 'Sorry you tried to place a duplicate "Product Name" into the system, <a href="inventory_list.php">click here</a>'; exit(); } // Add this product into the database now $sql = mysql_query("INSERT INTO products (product_name, price, details, category, subcategory, date_added) VALUES('$product_name','$price','$details','$category','$subcategory',now())") or die (mysql_error()); $pid = mysql_insert_id(); // Place image in the folder $newname = "$pid.jpg"; move_uploaded_file( $_FILES['fileField']['tmp_name'], "../inventory_images/$newname"); header("location: inventory_list.php"); exit(); } ?> <?php // This block grabs the whole list for viewing $product_list = ""; $sql = mysql_query("SELECT * FROM products ORDER BY date_added DESC"); $productCount = mysql_num_rows($sql); // count the output amount if ($productCount > 0) { while($row = mysql_fetch_array($sql)){ $id = $row["id"]; $product_name = $row["product_name"]; $price = $row["price"]; $date_added = strftime("%b %d, %Y", strtotime($row["date_added"])); $product_list .= "Product ID: $id - <strong>$product_name</strong> - $$price - <em>Added $date_added</em> <a href='inventory_edit.php?pid=$id'>edit</a> • <a href='inventory_list.php?deleteid=$id'>delete</a><br />"; } } else { $product_list = "You have no products listed in your store yet"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Inventory List</title> <link rel="stylesheet" href="../style/style.css" type="text/css" media="screen" /> </head> <body> <div align="center" id="mainWrapper"> <?php include_once("../template_header.php");?> <div id="pageContent"><br /> <div align="right" style="margin-right:32px;"><a href="inventory_list.php#inventoryForm">+ Add New Inventory Item</a></div> <div align="left" style="margin-left:24px;"> <h2>Inventory list</h2> <?php echo $product_list; ?> </div> <hr /> <a name="inventoryForm" id="inventoryForm"></a> <h3> ↓ Add New Inventory Item Form ↓ </h3> <form action="inventory_list.php" enctype="multipart/form-data" name="myForm" id="myform" method="post"> <table width="90%" border="0" cellspacing="0" cellpadding="6"> <tr> <td width="20%" align="right">Product Name</td> <td width="80%"><label> <input name="product_name" type="text" id="product_name" size="64" /> </label></td> </tr> <tr> <td align="right">Product Price</td> <td><label> $ <input name="price" type="text" id="price" size="12" /> </label></td> </tr> <tr> <td align="right">Category</td> <td><label> <select name="category" id="category"> <option value="Clothing">Clothing</option> </select> </label></td> </tr> <tr> <td align="right">Subcategory</td> <td><select name="subcategory" id="subcategory"> <option value=""></option> <option value="Hats">Hats</option> <option value="Pants">Pants</option> <option value="Shirts">Shirts</option> </select></td> </tr> <tr> <td align="right">Product Details</td> <td><label> <textarea name="details" id="details" cols="64" rows="5"></textarea> </label></td> </tr> <tr> <td align="right">Product Image</td> <td><label> <input type="file" name="fileField" id="fileField" /> </label></td> </tr> <tr> <td> </td> <td><label> <input type="submit" name="button" id="button" value="Add This Item Now" /> </label></td> </tr> </table> </form> <br /> <br /> </div> <?php include_once("../template_footer.php");?> </div> </body> </html> and this inventory_edit.php <?php // This file is www.developphp.com curriculum material // Written by Adam Khoury January 01, 2011 // http://www.youtube.com/view_play_list?p=442E340A42191003 session_start(); if (!isset($_SESSION["manager"])) { header("location: admin_login.php"); exit(); } // Be sure to check that this manager SESSION value is in fact in the database $managerID = preg_replace('#[^0-9]#i', '', $_SESSION["id"]); // filter everything but numbers and letters $manager = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["manager"]); // filter everything but numbers and letters $password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]); // filter everything but numbers and letters // Run mySQL query to be sure that this person is an admin and that their password session var equals the database information // Connect to the MySQL database include "../storescripts/connect_to_mysql.php"; $sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1"); // query the person // ------- MAKE SURE PERSON EXISTS IN DATABASE --------- $existCount = mysql_num_rows($sql); // count the row nums if ($existCount == 0) { // evaluate the count echo "Your login session data is not on record in the database."; exit(); } ?> <?php // Script Error Reporting error_reporting(E_ALL); ini_set('display_errors', '1'); ?> <?php // Parse the form data and add inventory item to the system if (isset($_POST['product_name'])) { $pid = mysql_real_escape_string($_POST['thisID']); $product_name = mysql_real_escape_string($_POST['product_name']); $price = mysql_real_escape_string($_POST['price']); $category = mysql_real_escape_string($_POST['category']); $subcategory = mysql_real_escape_string($_POST['subcategory']); $details = mysql_real_escape_string($_POST['details']); // See if that product name is an identical match to another product in the system $sql = mysql_query("UPDATE products SET product_name='$product_name', price='$price', details='$details', category='$category', subcategory='$subcategory' WHERE id='$pid'"); if ($_FILES['fileField']['tmp_name'] != "") { // Place image in the folder $newname = "$pid.jpg"; move_uploaded_file($_FILES['fileField']['tmp_name'], "../inventory_images/$newname"); } header("location: inventory_list.php"); exit(); } ?> <?php // Gather this product's full information for inserting automatically into the edit form below on page if (isset($_GET['pid'])) { $targetID = $_GET['pid']; $sql = mysql_query("SELECT * FROM products WHERE id='$targetID' LIMIT 1"); $productCount = mysql_num_rows($sql); // count the output amount if ($productCount > 0) { while($row = mysql_fetch_array($sql)){ $product_name = $row["product_name"]; $price = $row["price"]; $category = $row["category"]; $subcategory = $row["subcategory"]; $details = $row["details"]; $date_added = strftime("%b %d, %Y", strtotime($row["date_added"])); } } else { echo "Sorry dude that crap dont exist."; exit(); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Inventory List</title> <link rel="stylesheet" href="../style/style.css" type="text/css" media="screen" /> </head> <body> <div align="center" id="mainWrapper"> <?php include_once("../template_header.php");?> <div id="pageContent"><br /> <div align="right" style="margin-right:32px;"><a href="inventory_list.php#inventoryForm">+ Add New Inventory Item</a></div> <div align="left" style="margin-left:24px;"> <h2>Inventory list</h2> <?php echo $product_list; ?> </div> <hr /> <a name="inventoryForm" id="inventoryForm"></a> <h3> ↓ Add New Inventory Item Form ↓ </h3> <form action="inventory_edit.php" enctype="multipart/form-data" name="myForm" id="myform" method="post"> <table width="90%" border="0" cellspacing="0" cellpadding="6"> <tr> <td width="20%" align="right">Product Name</td> <td width="80%"><label> <input name="product_name" type="text" id="product_name" size="64" value="<?php echo $product_name; ?>" /> </label></td> </tr> <tr> <td align="right">Product Price</td> <td><label> $ <input name="price" type="text" id="price" size="12" value="<?php echo $price; ?>" /> </label></td> </tr> <tr> <td align="right">Category</td> <td><label> <select name="category" id="category"> <option value="Clothing">Clothing</option> </select> </label></td> </tr> <tr> <td align="right">Subcategory</td> <td><select name="subcategory" id="subcategory"> <option value="<?php echo $subcategory; ?>"><?php echo $subcategory; ?></option> <option value="Hats">Hats</option> <option value="Pants">Pants</option> <option value="Shirts">Shirts</option> </select></td> </tr> <tr> <td align="right">Product Details</td> <td><label> <textarea name="details" id="details" cols="64" rows="5"><?php echo $details; ?></textarea> </label></td> </tr> <tr> <td align="right">Product Image</td> <td><label> <input type="file" name="fileField" id="fileField" /> </label></td> </tr> <tr> <td> </td> <td><label> <input name="thisID" type="hidden" value="<?php echo $targetID; ?>" /> <input type="submit" name="button" id="button" value="Make Changes" /> </label></td> </tr> </table> </form> <br /> <br /> </div> <?php include_once("../template_footer.php");?> </div> </body> </html> Quote Link to comment https://forums.phpfreaks.com/topic/272611-e-commerce-problem/ Share on other sites More sharing options...
Beeeeney Posted January 2, 2013 Share Posted January 2, 2013 (edited) // This file is www.developphp.com curriculum material // Written by Adam Khoury January 01, 2011 // http://www.youtube.com/view_play_list?p=442E340A42191003 Did you follow a tutorial? Or copy and paste all of it? Edited January 2, 2013 by Beeeeney Quote Link to comment https://forums.phpfreaks.com/topic/272611-e-commerce-problem/#findComment-1402776 Share on other sites More sharing options...
cpd Posted January 2, 2013 Share Posted January 2, 2013 I highly doubt anybody is going to search your passive code pastes when you've not even attempted to narrow down lines of code it could be in - you've only said "it doesn't work" which is obvious else you wouldn't be here in the first place. Quote Link to comment https://forums.phpfreaks.com/topic/272611-e-commerce-problem/#findComment-1402804 Share on other sites More sharing options...
PFMaBiSmAd Posted January 2, 2013 Share Posted January 2, 2013 This is the third recent thread based on that author's code. Perhaps if the author had done a better job of explaining in his tutorial and of writing the code itself, there wouldn't be so many basic questions about it or problems getting it to work. Quote Link to comment https://forums.phpfreaks.com/topic/272611-e-commerce-problem/#findComment-1402827 Share on other sites More sharing options...
mtchisepo Posted July 19, 2013 Share Posted July 19, 2013 line 13 if (isset($_POST["username"]) && isset($_POST["password"])) {[/size][/font][/color] this text i hylytd in red size font color thing of admin_login.php , delete it and u code will work. Do happen to have the rest of the code aswell? Quote Link to comment https://forums.phpfreaks.com/topic/272611-e-commerce-problem/#findComment-1441387 Share on other sites More sharing options...
cpd Posted July 19, 2013 Share Posted July 19, 2013 @mtchisepo - its likely a mistake in his post, not actually part of his code. Quote Link to comment https://forums.phpfreaks.com/topic/272611-e-commerce-problem/#findComment-1441434 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.