
[SOLVED] Completely irrelevant output for what I have typed..


matthewhaworth


<?php
/*
* user.class.php
*
* @package 
* @author matthew haworth
* @copyright 2007
* @version $Id$
* @access public
*/
class user
{

    private $_db;


    //private $_email;
    //private $_password;

    function __construct(&$db)
    {
		$this->_db = $db;
    }

function checkLogin() {

	if($_SESSION['user']['loggedin']) {

		return true;

	}
	else
	{
		return false;
	}

}

function register($email, $password) {

	// Validation.
        
	$email = $this->_db->realescapestring($email);
	$email = strip_tags($email);
	$password = $this->_db->realescapestring($password);
	$password = strip_tags($password);

	// End validation.	

	$password = md5($password);
        $date = date('Y-m-d H-i-s');
        
        // See if the user already exists..
        if($this->login($email, $password, false)) {
		return false;
	}
        
	$sql = "INSERT INTO users(email, password, registered) VALUES('".$email."', '".$password."', '".$date."');";

	if($this->_db->query($sql)) {
		$this->login($email, $password);
		return true;
	}
	else
	{
		return false;
	}

}

    private function loadDetails($email)
    {

        $sql = "SELECT iD, email, registered FROM users WHERE email='". $email ."';";
        $query = $this->_db->query($sql);
        $userinfo = $this->_db->fetch_assoc($query);
        foreach ($userinfo as $key => $value)
        {
        	$userinf[$key] = $value;

        }
	$_SESSION['user'] = $userinf;

	if(isset($_SESSION['user']['email'])) 
	{
		return true;
	}
	else
	{
		return false;
	}

    }

    function login($email, $password, $sessions = true)
    {

        // Validation.
        
	$email = $this->_db->realescapestring($email);
	$email = strip_tags($email);
	$password = $this->_db->realescapestring($password);
	$password = strip_tags($password);

	// End validation.

	// Code the password to compare with that stored at registration.
        $password = md5($password);

	// Ask for email and password from MySQL.

        $sql = "SELECT email, password FROM users WHERE email='" . $email .
            "'  AND password='" . $password . "';";

	// See if the user data exists in the database.

	$query = $this->_db->query($sql);	
	//print($this->_db->numrows($query));
        if ($this->_db->numrows($query) > 0)
        {
		// I don't know why but I wanted to have the class know the email, on initialisation
            //$this->_email = $email; // In fact, scrap that now.
            
		// If I want to apply sessions, here they are.
		if($sessions) {
			// Set sessions for rest of user details..
			if($this->loadDetails($email)) {

				// Set sessions as loggedin, I did this here for security reasons.
				$_SESSION['user']['loggedin'] = true;
				// Return the function , everything's set.

				return true;

			}
			else
			{
				// If the loadDetails function returns false, return this function false also.
				return false;
			}
		} else {
			return true;
		}
        
	// If the user doesn't exist in the database...
        }
        else
        {
		//...return false.
            return false;

        }

    }


}
?>

 

When I print_r my $_SESSION['user'] after calling my login script (the sessions are set in loadDetails)... I get this output:

 

user Object ( [_db:private] => db Object ( [_db:private] => mysqli Object ( ) [_queries:private] => 0 ) [external] => )

 

As though it's applied my user object to my $_SESSION['user'].  I don't understand.  ???

I don't mean to double post but I couldn't locate the edit function to edit my previous post.

 

Anyways.  I completely annotated my code so that you can understand exactly what is going on.  I highlighted where the error is.

 

 

<?php
/*
* user.class.php
*
* @package 
* @author matthew haworth
* @copyright 2007
* @version $Id$
* @access public
*/
class user
{

// This is where I will store the database class.
    private $_db;


// Construct the user class. This means taking the object $db and applying it to the private variable $_db.
    function __construct(&$db)
    {
        $this->_db = $db;
    }

    
// The check login function sees if the $_SESSION['user']['loggedin'] variable is set to true and returns
// true or false depending on what it finds.  Actually useless as the code if($_SESSION['user']['loggedin'])
// would work adequately.
function checkLogin()
    {

        if ($_SESSION['user']['loggedin'])
        {

            return true;

        }
        else
        {
            return false;
        }

    }


// The register function accepts two arguments, $email and $password.  It cleans both variables before placing
// them into the database and logging the user in.
    function register($email, $password)
    {

        // Validation.

	$email = $this->_db->realescapestring($email);
        $email = strip_tags($email);
        $password = $this->_db->realescapestring($password);
        $password = strip_tags($password);

        // End validation.

	// Encrypt the password to compare to the one stored in the database
        $password = md5($password);
        // This creates a date compliant with SQL's datetime format
        $date = date('Y-m-d H-i-s');

        // This checks to see if the username already exists.  
	$sql = "SELECT email FROM users WHERE email='".$email."';";
	$query = $this->_db->query($sql);
	$numrows = $this->_db->numrows($query);
	if($numrows > 0) {
		return "Email already exists";
	}

	// The following SQL inserts the email, password and registered datetime into the database.
        $sql = "INSERT INTO users(email, password, registered) VALUES('" . $email .
            "', '" . $password . "', '" . $date . "');";

	// This calls up the query function in my database class to apply the SQL.
        if ($this->_db->query($sql))
        {
        	// If the query is successful, log the user in and hence set up the sessions variables.
            $this->login($email, $password);
            return true;
        }
        else
        {
        	// If the query fails, return the function as false.
            return false;
        }

    }


// This is a function to load the details of the user into session variables. It takes the $email only,
// which is why I have made it a private function, so I can't accidentally cheat a user into it.  It is called
// only from the function 'login', which sets the 'loggedin' session variable itself.
    private function loadDetails($email)
    {
	// This sql selects all of the user information besides the password.
        $sql = "SELECT iD, email, registered FROM users WHERE email='" . $email . "';";
        // This processes the query, once again using my database class.
        $query = $this->_db->query($sql);
        // This fetches the array from the query object the mysqli produces.
        $userinfo = $this->_db->fetch_assoc($query);
        // This iterates through the keys and values of the array and appends them to the variable, $userinf.
        foreach ($userinfo as $key => $value)
        {
        	// THIS IS WHERE THE ERROR EXISTS.
            $userinf[$key] = $value;

        }
        // This applies the $userinf array to the session variable 'user'
        $_SESSION['user'] = $userinf;

	// This is simply a check to see if it was successful.
        if (isset($_SESSION['user']['email']))
        {
            return true;
        }
        else
        {
            return false;
        }

    }
    // This function exists to check if the user is valid and also load the session variables using the private function, loadDetails.
    function login($email, $password)
    {

        // Validation.

        $email = $this->_db->realescapestring($email);
        $email = strip_tags($email);
        $password = $this->_db->realescapestring($password);
        $password = strip_tags($password);

        // End validation.

        // Code the password to compare with that stored at registration.
        $password = md5($password);

        // Ask for email and password from MySQL.

        $sql = "SELECT email, password FROM users WHERE email='" . $email .
            "'  AND password='" . $password . "';";

        // See if the user data exists in the database.
        $query = $this->_db->query($sql);
        if ($this->_db->numrows($query) > 0)
        {
            // Set sessions for rest of user details..
        	if ($this->loadDetails($email))
            {

                // Set sessions as loggedin, I did this here for security reasons.
                $_SESSION['user']['loggedin'] = true;
          
	        // Return the function , everything's set.
                return true;

            }
            else
            {
                // If the loadDetails function returns false, return this function false also.
                return false;
            }

	}
        else
        {
            //...return false.
            return false;

        }

    }


}
?>
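
An added example, not part of the original thread or the poster's code: the same register/login flow with bound parameters in place of string-built SQL and `password_hash()`/`password_verify()` in place of `md5()`. It assumes PDO with the SQLite driver (in-memory) so it runs offline; the class name `SafeUser` and the sample account are constructed for illustration.

```php
<?php
// Added example, not the poster's code. Assumes PDO with the SQLite driver
// (in-memory) so it runs offline; SafeUser is a hypothetical name.
class SafeUser
{
    private $db;

    function __construct(PDO $db)
    {
        $this->db = $db;
    }

    // Bind values instead of concatenating them into SQL, and store a salted
    // password_hash() value instead of md5().
    function register($email, $password)
    {
        $find = $this->db->prepare('SELECT 1 FROM users WHERE email = ?');
        $find->execute([$email]);
        if ($find->fetchColumn() !== false) {
            return false; // email already registered
        }
        $add = $this->db->prepare(
            'INSERT INTO users(email, password, registered) VALUES(?, ?, ?)');
        $hash = password_hash($password, PASSWORD_DEFAULT);
        return $add->execute([$email, $hash, date('Y-m-d H:i:s')]);
    }

    // Look the row up by email only, then check it with password_verify().
    // Returns the user details without the hash, or false.
    function login($email, $password)
    {
        $q = $this->db->prepare(
            'SELECT iD, email, password, registered FROM users WHERE email = ?');
        $q->execute([$email]);
        $row = $q->fetch(PDO::FETCH_ASSOC);
        if ($row === false || !password_verify($password, $row['password'])) {
            return false;
        }
        unset($row['password']);
        return $row + ['loggedin' => true];
    }
}

// Constructed sample data: quotes and tags in the input need no escaping.
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE users(iD INTEGER PRIMARY KEY, email TEXT UNIQUE, password TEXT, registered TEXT)');
$u = new SafeUser($db);
var_dump($u->register("o'brien@example.test", "p'ass<b>word"));
var_dump($u->login("o'brien@example.test", "p'ass<b>word"));
var_dump($u->login("o'brien@example.test", 'wrong'));
```

A caller would assign the array returned by `login()` to `$_SESSION['user']` after `session_start()` and `session_regenerate_id(true)`.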

Have you tried echoing out the $key and $value as they are being passed into $userinf to test and see that the valid data is being passed?

 

Ah.  I tried that and got the following.

iD4emailthomas @ thomas . comregistered2007-08-18 02:44:39  (// I separated 'em to prevent an automatically created link)

 

That means that the problem must occur when it appends it to the $_SESSION['user'].  ??? why is this?

 

FIXED :D.  Thanks a lot!
