SmexyPantsGnome Posted August 21, 2014 Share Posted August 21, 2014 I am unsuccessfully able to do the following: User creates an account After login, checks server if user has their own folder created If doesn't exist, create it Copy files from source_code to this new folder My code does create a folder, but no files appear inside it. Been trying to find an example with google search for the past 3 days with no luck. I am running LAMP on Linux Mint OS to run my PHP webpages. Can anyone tell me if issues with this section of coding? <?php function wait_time($seconds) { $seconds = abs($seconds); if ($seconds < 1): usleep($seconds*1000000); else: sleep($seconds); endif; } $file1 = "blank.html"; $file2 = "channel_video.php"; $file3 = "clear_playlist.php"; $file4 = "confirm.html"; $file5 = "index.html"; set_time_limit(0); //prevent script from timing out $account = $_POST["account_name"]; $src = "source_code/"; $dst = $account."/"; echo 'Setting up your account page ->.'; mkdir($account, 0777, true); echo '.'; //create folder with full write permissions wait_time(2000); //wait 2 seconds before copying files over copy($src.$file1, $dst.$file1); echo '.'; wait_time(2000); //wait 2 seconds before copying files over copy($src.$file2, $dst.$file2); echo '.'; wait_time(2000); //wait 2 seconds before copying files over copy($src.$file3, $dst.$file3); echo '.'; wait_time(2000); //wait 2 seconds before copying files over copy($src.$file4, $dst.$file4); echo '.'; wait_time(2000); //wait 2 seconds before copying files over copy($src.$file5, $dst.$file5); echo '.<- setup finished<br>'; ?> Thanks for any input you can provide. Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted August 21, 2014 Share Posted August 21, 2014 dynamically produced web sites don't actually have folders and files for everything or for each user. they use logical folders and pages that map (using url rewriting) to one actual file that retrieves the correct content from a database and displays it in response to the url that was used to request the page. are you sure want to try to copy and then manage a bunch of actual folders and files? also, how are you going to restrict access for making changes to the proper user? Quote Link to comment Share on other sites More sharing options...
SmexyPantsGnome Posted August 21, 2014 Author Share Posted August 21, 2014 (edited) Guess need to rethink my site layout then. A single page generating content would be easier on the hard drive space. The way I've been verifying accounts is when use first logs in it tracks the client's IP address update the MySQL database. If anyone ever connects to a page where account IP does not match prevent the php code from loading. Example: User signs in to page as user123. Then they manually type in http://myipaddress/anotheruser/ nothing will show up. Unless it was from the same IP address as the last time account anotheruser signed in. Edited August 21, 2014 by SmexyPantsGnome Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted August 21, 2014 Share Posted August 21, 2014 a persons ip address can change at any time and all the people connecting from one nat based network will share the same ip address. using the ip for anything other than just informational purposes will result in problems of locking someone out or of allowing someone access just because the connected from the same network. you must limit access based on the logged in user's id and what content he has permission to view or change. Quote Link to comment Share on other sites More sharing options...
CroNiX Posted August 21, 2014 Share Posted August 21, 2014 Once the user logs in store their user info in $_SESSION. On the page that displays the user profile, check that the name entered in the url is the same as the name they logged in with. If it's not, display an error. If it is, show the page. Are you only relying on a username and last IP address? No password? Quote Link to comment Share on other sites More sharing options...
SmexyPantsGnome Posted August 21, 2014 Author Share Posted August 21, 2014 (edited) Can't believe I wasted so much coding time doing it this way. Storing saved variables in MySQL for account details is alot easier. This connects to a IRC server that requires name and password. Login page loads variables to accounts table with columns (Nick, Pass, Channel) If someone give the wrong pass it will fail to load the Irc info. I will also look up examples on using $_SESSION. Edited August 21, 2014 by SmexyPantsGnome Quote Link to comment Share on other sites More sharing options...
CroNiX Posted August 21, 2014 Share Posted August 21, 2014 (edited) Can't believe I wasted so much coding time doing it this way. This is how we learn, so it's not "time wasted". Edited August 21, 2014 by CroNiX Quote Link to comment Share on other sites More sharing options...
SmexyPantsGnome Posted August 21, 2014 Author Share Posted August 21, 2014 (edited) Yes thats true This is just a hobby project that I'm working on for fun. But I got requested from multiple poeple wanting to try it out now. So now I'm looking into adding account login controls on top of what I already have. Don't want to accidentally have one user load settings that another user setup. Edited August 21, 2014 by SmexyPantsGnome Quote Link to comment Share on other sites More sharing options...
SmexyPantsGnome Posted August 21, 2014 Author Share Posted August 21, 2014 I have created this for account checking. This connects an auto-response bot to the irc channel: Responds to % prefix commands that someone types in the channel. I added $_SOCKETS now to see if account is valid. Plan to install https for added security on my webserver too. New code now uses $_SESSION: <!DOCTYPE html> <?php session_start(); ?> <!load the existing session from previous page> <html> <head> <link rel="stylesheet" href="style.css"> </head> <?php //forces webbrowser to clear buffer to show text, also adds a delay for loop function irc_clearbuffer() { if (ob_get_level() == 0) obstart(); for($i=0;$i<70;$i++) { print str_pad('',4096)."\n"; ob_flush(); flush(); usleep(1); } } $server = $_SESSION['server']; $name = $_SESSION['account_name']; $pass = $_SESSION['account_pass']; //connect to main server if ($server == "main") { $server = "irc.main.com"; $socket = fsockopen($server, 6667); stream_set_blocking($socket, 0); fputs($socket, "USER ".$name."\n"); fputs($socket, "PASS ".$pass."\n"); fputs($socket, "NICK ".$name."\n"); echo "Attempting to connect to ".$server."<br>"; } //connect to alt server elseif ($server == "alt") { $server = "irc.alt.com"; $socket = fsockopen($server, 6667); stream_set_blocking($socket, 0); fputs($socket, "PASS ".$pass."\n"); fputs($socket, "NICK ".$name."\n"); fputs($socket, "USER ".$name." ".$name." ".$server." :".$name."\n"); echo "Attempting to connect to ".$server."<br>"; irc_clearbuffer(); fputs($socket, "JOIN #".$name."\n"); } else { die("You forgot to select a server. Please login again."); } for ($i=0;$i<100;$i++) { //display new data that irc server sends while ($data = fgets($socket, 1024)) { //reads up to 1024 characters from the irc server if ($server == "irc.main.com") { $trim_data = substr(nl2br($data),25,18); if ($trim_data == "Login unsuccessful") { session_destroy(); echo "Retry login<br>"; die($trim_data); } } if ($server == "irc.alt.com") { $trim_data = substr(nl2br($data),22,23); if ($trim_data == "You have not registered") { echo "Retry login<br>"; session_destroy(); die($trim_data); } } } irc_clearbuffer(); } fclose($socket); ?> Quote Link to comment Share on other sites More sharing options...
jazzman1 Posted August 21, 2014 Share Posted August 21, 2014 Apache as mac_gyver already mentioned is not designed for this and administrating accounts on it can be a challenge. However, apache have a list of lot of projects these days you can check in their website. Anyway.....good luck Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.