matthewhaworth Posted August 18, 2007 Share Posted August 18, 2007 <?php /* * user.class.php * * @package * @author matthew haworth * @copyright 2007 * @version $Id$ * @access public */ class user { private $_db; //private $_email; //private $_password; function __construct(&$db) { $this->_db = $db; } function checkLogin() { if($_SESSION['user']['loggedin']) { return true; } else { return false; } } function register($email, $password) { // Validation. $email = $this->_db->realescapestring($email); $email = strip_tags($email); $password = $this->_db->realescapestring($password); $password = strip_tags($password); // End validation. $password = md5($password); $date = date('Y-m-d H-i-s'); // See if the user already exists.. if($this->login($email, $password, false)) { return false; } $sql = "INSERT INTO users(email, password, registered) VALUES('".$email."', '".$password."', '".$date."');"; if($this->_db->query($sql)) { $this->login($email, $password); return true; } else { return false; } } private function loadDetails($email) { $sql = "SELECT iD, email, registered FROM users WHERE email='". $email ."';"; $query = $this->_db->query($sql); $userinfo = $this->_db->fetch_assoc($query); foreach ($userinfo as $key => $value) { $userinf[$key] = $value; } $_SESSION['user'] = $userinf; if(isset($_SESSION['user']['email'])) { return true; } else { return false; } } function login($email, $password, $sessions = true) { // Validation. $email = $this->_db->realescapestring($email); $email = strip_tags($email); $password = $this->_db->realescapestring($password); $password = strip_tags($password); // End validation. // Code the password to compare with that stored at registration. $password = md5($password); // Ask for email and password from MySQL. $sql = "SELECT email, password FROM users WHERE email='" . $email . "' AND password='" . $password . "';"; // See if the user data exists in the database. $query = $this->_db->query($sql); //print($this->_db->numrows($query)); if ($this->_db->numrows($query) > 0) { // I don't know why but I wanted to have the class know the email, on initialisation //$this->_email = $email; // Infact, scrap that now. // If I want to apply sessions, here they are. if($sessions) { // Set sessions for rest of user details.. if($this->loadDetails($email)) { // Set sessions as loggedin, I did this here for security reasons. $_SESSION['user']['loggedin'] = true; // Return the function , everything's set. return true; } else { // If the loadDetails function returns false, return this function false also. return false; } } else { return true; } // If the user doesn't exist in the database... } else { //...return false. return false; } } } ?> When I print_r my $_SESSION['user'] after calling my login script (the sessions are set in loadDetails)... i get this output user Object ( [_db:private] => db Object ( [_db:private] => mysqli Object ( ) [_queries:private] => 0 ) [external] => ) As though it's applied my user object to my $_SESSION['user']. I don't understand. ??? Quote Link to comment https://forums.phpfreaks.com/topic/65541-solved-completely-irrelevant-output-for-what-i-have-typed/ Share on other sites More sharing options...
keeB Posted August 18, 2007 Share Posted August 18, 2007 Your code is really confusing Quote Link to comment https://forums.phpfreaks.com/topic/65541-solved-completely-irrelevant-output-for-what-i-have-typed/#findComment-327275 Share on other sites More sharing options...
matthewhaworth Posted August 18, 2007 Author Share Posted August 18, 2007 Your code is really confusing So no one can help me then? Quote Link to comment https://forums.phpfreaks.com/topic/65541-solved-completely-irrelevant-output-for-what-i-have-typed/#findComment-327294 Share on other sites More sharing options...
matthewhaworth Posted August 18, 2007 Author Share Posted August 18, 2007 I don't mean to double post but I couldn't locate the edit function to edit my previous post. Anyways. I completely annotated my code so that you can understand exactly what is going on. I highlighted where the error is. <?php /* * user.class.php * * @package * @author matthew haworth * @copyright 2007 * @version $Id$ * @access public */ class user { // This is where I will store the database class. private $_db; // Construct the user class. This means taking the object $db and applying it to the private variable $_db. function __construct(&$db) { $this->_db = $db; } // The check login function sees if the $_SESSION['user']['loggedin'] variable is set to true and returns // true or false depending on what it finds. Actually useless as the code if($_SESSION['user']['loggedin']) // would work adequately. function checkLogin() { if ($_SESSION['user']['loggedin']) { return true; } else { return false; } } // The register function accepts two arguments, $email and $password. It cleans both variables before placing // them into the database and logging the user in. function register($email, $password) { // Validation. $email = $this->_db->realescapestring($email); $email = strip_tags($email); $password = $this->_db->realescapestring($password); $password = strip_tags($password); // End validation. // Encrypt the password to compare to the one stored in the database $password = md5($password); // This creates a date compliant with SQL's datetime format $date = date('Y-m-d H-i-s'); // This checks to see if the username already exists. $sql = "SELECT email FROM users WHERE email='".$email."';"; $query = $this->_db->query($sql); $numrows = $this->_db->numrows($query); if($numrows > 0) { return "Email already exists"; } // The following SQL inserts the email, password and registered datetime into the database. $sql = "INSERT INTO users(email, password, registered) VALUES('" . $email . "', '" . $password . "', '" . $date . "');"; // This calls up the query function in my database class to apply the SQL. if ($this->_db->query($sql)) { // If the query is successful, log the user in and hence set up the sessions variables. $this->login($email, $password); return true; } else { // If the query fails, return the function as false. return false; } } // This ia a function to load the Details of the user into session variables, it takes the $email only, // this is why I have made it a private function, so I can't accidently cheat a user into it. It is called // only from the function 'login' which sets the 'loggedin' session variable itself. private function loadDetails($email) { // This sql selects all of the user information besides the password. $sql = "SELECT iD, email, registered FROM users WHERE email='" . $email . "';"; // This processes the query, once again using my database class. $query = $this->_db->query($sql); // This fetches the array from the query object the mysqli produces. $userinfo = $this->_db->fetch_assoc($query); // This iterates through the keys and values of the array and appends them to the variable, $userinf. foreach ($userinfo as $key => $value) { // THIS IS WHERE THE ERROR EXISTS. $userinf[$key] = $value; } // This applies the $userinf array to the session variable 'user' $_SESSION['user'] = $userinf; // This is simply a check to see if it was successful. if (isset($_SESSION['user']['email'])) { return true; } else { return false; } } // This function exists to check is the user is valid and also load the sessions variables using the private function, loadDetails.. function login($email, $password) { // Validation. $email = $this->_db->realescapestring($email); $email = strip_tags($email); $password = $this->_db->realescapestring($password); $password = strip_tags($password); // End validation. // Code the password to compare with that stored at registration. $password = md5($password); // Ask for email and password from MySQL. $sql = "SELECT email, password FROM users WHERE email='" . $email . "' AND password='" . $password . "';"; // See if the user data exists in the database. $query = $this->_db->query($sql); if ($this->_db->numrows($query) > 0) { // Set sessions for rest of user details.. if ($this->loadDetails($email)) { // Set sessions as loggedin, I did this here for security reasons. $_SESSION['user']['loggedin'] = true; // Return the function , everything's set. return true; } else { // If the loadDetails function returns false, return this function false also. return false; } } else { //...return false. return false; } } } ?> Quote Link to comment https://forums.phpfreaks.com/topic/65541-solved-completely-irrelevant-output-for-what-i-have-typed/#findComment-327300 Share on other sites More sharing options...
magic2goodil Posted August 18, 2007 Share Posted August 18, 2007 Have you tried echoing out the $key and $value as they are being passed into $userinf to test and see that the valid data is being passed? Quote Link to comment https://forums.phpfreaks.com/topic/65541-solved-completely-irrelevant-output-for-what-i-have-typed/#findComment-327306 Share on other sites More sharing options...
matthewhaworth Posted August 18, 2007 Author Share Posted August 18, 2007 Have you tried echoing out the $key and $value as they are being passed into $userinf to test and see that the valid data is being passed? Ah. I tried that and got the following. iD4emailthomas @ thomas . comregistered2007-08-18 02:44:39 (// I seperated em to prevent an automatically created link) That means that the problem must occur when it appends it to the $_SESSION['user']. ??? why is this? FIXED . Thanks a lot! Quote Link to comment https://forums.phpfreaks.com/topic/65541-solved-completely-irrelevant-output-for-what-i-have-typed/#findComment-327308 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.