Logged in code needing re-adjusting?

[djfox]

Ok, just in case you haven`t watched my saga of coding problems. 

 

I have a site developed where logged in users can earn virtual currency (echos) by doing certain actions. They can add items to their inventory, and sell these items to each other. I have the codes set up for all that (finally!). But all this has caused a problem to come to my attention.

 

If the logged in user is logged in, their echo count is displayed next to their username (for example: UsernameA Echos 100). If they leave a comment on a submitted image, they will get 10 echos and the number is updated (example: UsernameA Echos 110). If they buy an item from the shops, the number of echos gets deducted from their echo count successfully (example: UsernameA Echos 90).

 

So if all that is working, what`s the problem, right?

 

Well, if UsernameA gets any new private messages while they are logged in or if an item they sell to another person is bought, these things are not reflected. The person would have to log out, then log back in to see the "Messages (2 New)" and "Echos 100".

 

I`m thinking because these changes are not reflected, I might need my logged in codes re-done? Or maybe something else?

 

I need big time advice on what needs to be changed and how to do it. I`ll list some files that I think would be relevant:

 

index.php - the main page that user gets directed to when they log in

header.php - contains the info for design of the site and the navigation bar

logged.php - changes navigation bar to all info if perosn is logged in, if person is logged out, displayes login.php

login.php - form to allow person to log in

auth.php - loads session, reads from userdata for info of logged in person (such as username, how many echos they have, how many new messages they have)

 

The posts below will show the codes for these files individually.

[djfox]

<?php
//Date: February 24 2007
//For: www.secrettrance.net
//Description: Main Index

include("dbcon.php");
require_once "auth.php";
require_once "includes/defines.php";

$Title = "Secret Trance";

require_once "header.php";
require_once "hidestatus.php";
?>

<table border=0 width=100%><? //1
?>
<tr>
<td width=15% valign=top>
<?
require_once "leftbar.php";
?>


<td width=85% valign=top>
<table border=0 width=100%><? //2 
?>
<tr>
<td>
<table border=0 width=100% bgcolor="000000"><? //3
?>
<tr>
<td bgcolor="312D37"><b>Recent Trances</b>
<tr>
<td bgcolor="4A4553">
<table border=0 width=100%><? //4
?>
<? 
  $recent = 0;
  $res = mysql_query("SELECT id, URL FROM image ORDER BY id DESC")or die( mysql_error() );
  while( ($row = mysql_fetch_row($res)) && $recent < 10 ){
    if( $recent%5 == 0 ){
echo "<tr><td><tr><td><tr><td><tr><td><tr>";
    }
    $recent = $recent + 1;
    echo "<td align=center><a href='trances.php?id=$row[0]'><img src='thumbnail.php?img=$row[1]' border=0></a>";	
  }
?>
</table><? //4
?>
<p>
<a href="browse.php"><b>See More Trances</b></a>
<tr>
<td bgcolor="312D37"><b>Recent Trancers</b>
<tr>
<td bgcolor="4A4553">
<table border=0 width=100%><? //4
?>
<font size=2>
<? 
  $recent = 0;
  $res = mysql_query("SELECT id, login FROM userdata ORDER BY id DESC")or die( mysql_error() );
  while( ($tra = mysql_fetch_row($res)) && $recent < 10 ){
    if( $recent%5 == 0 ){
echo "<tr><td><tr><td><tr>";
    }
    $recent = $recent + 1;
    echo "<td><center><a href='trancer.php?g=$tra[0]'>$tra[1]</a></center>";	
  }
?>
</table><? //4
?>
<p>
<a href="trancerbrowse.php"><b>See More Trancers</b></a>
<tr>
<td bgcolor="312D37"><b>Recent Stamps</b>
<tr>
<td bgcolor="4A4553">
<table border=0 width=100%><? //4
?>
<font size=2>
<? 
  $recent = 0;
  $res = mysql_query("SELECT id,name,description,url,store,price,preview FROM stamps ORDER BY id DESC")or die( mysql_error() );
  while( ($stamps = mysql_fetch_row($res)) && $recent < 5 ){
    if( $recent%5 == 0 ){
echo "<tr>";
    }
    $recent = $recent + 1;
    echo "<td><center><img src='stamps/$stamps[6]'></center>";	
  }
?>
</table><? //4
?>
</table><? //3
?>
</table><? //2 
?>




</table><? //1
?>

<?
require_once "footer.php";
?>

[djfox]

<title><? echo $Title ?></title>
<style type="text/css">
<!--
input { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 13px; color: #B6ABCE; text-decoration: none; background-color: #000000; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px}
}
-->
</style>



<?
session_start();

$lev=isset($_SESSION['level2'])?$_SESSION['level2']:0;
?>

<META NAME="keywords" CONTENT="online art gallery,art gallery,art,online art,online gallery,free online art gallery,drawings,literature,paintings,fiction,community art,digital art,traditional art,poetry,prose,applications,community,online community,secret,trance,photographs,photos,comics,anime,anthro,anthropomorphic,furry,furries,fantasy,horror,romance,adventure,action,macabre,animals,people,centaurs,unicorns,pegasus,mermaids,dragons,elves,japanese,wallpapers,pictures,image,images,free,artwork,illustrations,graphics,myths,mythology,gothic,games,online games,fantasy art,anime fantasy art,anime furry,anime fantasy,anime furries,anime illustrations,anime arts,pic art,anime illustration,draw art,anime gothic,anime dark,dark art,gothic art gallery,gothic art pictures,gothic art galleries,gothic artists,gothic artist,gothic fairy art,fairies,faeries,goth artist,goth art,goth artists,morbid art,vampire art,vampyr art,gothic pics,scary art,gothic fantasy,gothic anime,gothic drawing,dark gothic,dark goth,gothic death,gothic morbid,dark fantasy art,art sketches,anime original art,vampire fantasy art,vampire images,vampire pics,vampire drawings,vampire sketches,vampire anime,vampire drawing,vampire goth,vampire fantasy,vampire pic,pictures art,demons art,sketches art,vampire horror,pics art,secret trance">
<META NAME="description" CONTENT="Online community of artists and authors. Online art galleries and games available for free. Many different subjects and genres are available.">

<body bgcolor="746D84" text="B6ABCE" link="B6ABCE" vlink="B6ABCE" onLoad="if (self != top) top.location = self.location">
<link REL="SHORTCUT ICON" HREF="favicon.ico">

<table border=0 width=100% bgcolor="4A4553">
<tr>
<td>
<table border=0>
<tr>
<td>
<a href="index.php"><img src="secrettranceuniverse.jpg" border=0></a>
<td bgcolor="312D37"><font size=1>  </font>
<td>Art and Literature
<br>Community
<br>Gaming
<br>It`s a Whole New Universe
<br><font size=2><i>Undiscovered Imagination</i></font>
</table>
</table>

<table border=0 width=100%>
<tr>
<td>
<? require_once "logged.php"; ?>
</table>

[djfox]

<?

/*
  Authentication code
*/
require_once "auth.php";

$log = isset($_SESSION['sess_name'])?$_SESSION['sess_name']:'';
$pass = isset($_SESSION['pass'])?$_SESSION['pass']:'';
$nmsg = 0;
$rows = isset($_SESSION['rows'])?$_SESSION['rows']:array();
$echos = isset($_SESSION['echos'])?$_SESSION['echos']:'';

/*
==========================================================================
*/
function ShowLoggedInBar() {
global $log,$pass,$nmsg,$rows,$echos;

   $nmes="";
   if($nmsg){
 $nmes="($nmsg New)";
   }
   
   echo "<table border=0 width=100% cellpadding=0><tr><td bgcolor='000000'><table width=100% border=0><tr><td valign=middle bgcolor='312D37'>";
   echo "<a href='index.php'><img src='secrettrance_miniicon.png' border=0></a> ";
   echo "<b><a href=\"trancer.php\">$log</a></b>     Echos <b>$echos</b>  ";
   echo "<a href='stats.php'>Stats</a> | ";
   echo "<a href='settings.php'>Edit Profile</a> | ";
   echo "<a href='message.php'>Messages $nmes</a> | ";
   echo "<a href='favouriteview.php'>Favourites</a> | ";
   echo "<a href='friends.php'>Gang</a> | ";
   echo "<a href='inventory.php'>Inventory</a> |  ";
   echo "<font size=2><a href='index.php?logout=1'>Logout</a></font>";
   echo "<tr><td bgcolor='4A4553'><a href='upgrade.php'>Upgrade</a> | ";
   echo "<a href='submit.php'>Upload</a> | ";
   echo "<a href='regions.php'>Use a Warp Zone</a> | ";
   echo "<a href='suggestion.php'>Suggestion</a> | ";
   echo "<a href='forums.php'>Forums</a> | ";
   echo "<a href='manual.php'>Manual</a>";
   echo "</table></table>";	
}

/*
==========================================================================
Main
==========================================================================
*/

/* check if we are logging out */
if (isset($_REQUEST['logout'])) {
Logout();
}

/* check if already logged in */
if (isset($_SESSION['magic']) && ($_SESSION['magic']==SESSION_MAGIC)) {   
   ShowLoggedInBar();
} else {

/* not logged in, is it a form post? */
if (isset($_REQUEST['log']) && isset($_REQUEST['pass'])) {
	$log = $_REQUEST['log'];
	$pass = crypt($_REQUEST['pass'],$log);
	Login($log,$pass);
	ShowLoggedInBar();
} else {
	require "login.php";
}
}


?>

[djfox]

<table border=0 width=100% bgcolor="000000">
<tr>
<td bgcolor="312D37"><b>Enter Secret Trance</b>
<tr>
<td bgcolor="4A4553"><form action="index.php" method="post">
Username: <input type="text" name="log" size="20">     
Password: <input type="password" name="pass" size="20">     
<input name="submit" type=submit value="Login">    
<a href="register.php">Become a Trancer!</a>
</form>
</table>

[djfox]

<?
	// Defines

	DEFINE('SESSION_MAGIC','sadhjasklsad2342');

	// Initialization
	@session_start();
	@ob_start();
  

    /*
      Redirects to another page
    */
    function Redirect($to) {

   @session_write_close();
   @ob_end_clean();
   @header("Location: $to");
    } 

     /*
        Deletes existing session
    */
function RemoveSession() {
	$_SESSION = array();
	if (isset($_COOKIE[session_name()])) {
	   @setcookie(session_name(), '', time()-42000, '/');
	}
}
    
/*
  Checks if user is logged in
*/ 
function isLoggedIn() {

	return(isset($_SESSION['magic']) && ($_SESSION['magic']==SESSION_MAGIC));
}

    /*
      Terminates an existing session
    */
    function Logout() {
    @RemoveSession();
    @session_destroy();
    }

    /* 
      read message count
    */
    function CountMessages($id) {
    
   if ($res=mysql_query("SELECT * FROM messagedata WHERE recBoxID=$id AND isNew=1"))
   {
	   $count=mysql_num_rows($res);
	   mysql_free_result($res);	   
	   return($count);
   }
   return 0; 
    }
    
    /*
      Go login go!
    */
    function Login($username,$password) {
   
    global $nmsg, $rows;
   
   $ok=false;	
   if ($res=mysql_query("SELECT id,level,mailNum, echo_count, status FROM userdata WHERE login='$username' AND password='$password'"))
   {
	   if ($rows=mysql_fetch_row($res)) {
		    $_SESSION['sess_name'] = $username;
			$_SESSION['pass'] = $password;
			$_SESSION['gal'] = $rows[0];
			$_SESSION['mail'] = $rows[2];
			$_SESSION['level2'] = $rows[1];	
			$_SESSION['echos'] = $rows[3];
			$_SESSION['status'] = $rows[4];
		    $_SESSION['magic'] = SESSION_MAGIC;
		    $_SESSION['rows'] = $rows; /* stupid stupid hack */
		    $nmsg = CountMessages($rows[0]);
		    $ok=true;
	   } else {
		   include('login_failed.php');
	   }
	   mysql_free_result($res);
   }
   return($ok);
   }

    /*
      Escape array using mysql
    */   
function Escape(&$arr)
{
 if (Count($arr)>0) {
	    foreach($arr as $k => $v) {
	        if (is_array($v)) {
	            Escape($arr[$k]);
	        }
	        else {
	            if (function_exists('get_magic_quotes')) {
	                if(!get_magic_quotes_gpc()) {
	                    $arr[$k] = stripslashes($v);
	                }
	            }
	            $arr[$k] = mysql_real_escape_string($v);
	        }
	   }
      }
}

// -----------------------------------------------    
// Main
// -----------------------------------------------    

   Escape($_POST);
   Escape($_GET);
   Escape($_COOKIE);
   Escape($_REQUEST);
   Escape($_GLOBALS);
   Escape($_SERVER);
   
?>

[djfox]

I`m thinking auth.php would be the one that needs the re-adjusting, but I`m not sure and no idea what to change to what.