
[SOLVED] Completely irrelevant output for what I have typed..


matthewhaworth


<?php
/*
* user.class.php
*
* @package 
* @author matthew haworth
* @copyright 2007
* @version $Id$
* @access public
*/
class user
{

    private $_db;


    //private $_email;
    //private $_password;

    function __construct(&$db)
    {
		$this->_db = $db;
    }

function checkLogin() {

	if($_SESSION['user']['loggedin']) {

		return true;

	}
	else
	{
		return false;
	}

}

function register($email, $password) {

	// Validation.
        
	$email = $this->_db->realescapestring($email);
	$email = strip_tags($email);
	$password = $this->_db->realescapestring($password);
	$password = strip_tags($password);

	// End validation.	

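	// Keep the plain password in $password: login() applies md5() itself,
	// so passing it the hash would compare md5(md5(password)) and never match.
	$hash = md5($password);
        $date = date('Y-m-d H-i-s');
        
        // See if the user already exists..
        if($this->login($email, $password, false)) {
		return false;
	}
        
	$sql = "INSERT INTO users(email, password, registered) VALUES('".$email."', '".$hash."', '".$date."');";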

	if($this->_db->query($sql)) {
		$this->login($email, $password);
		return true;
	}
	else
	{
		return false;
	}

}

    private function loadDetails($email)
    {

        $sql = "SELECT iD, email, registered FROM users WHERE email='". $email ."';";
        $query = $this->_db->query($sql);
        $userinfo = $this->_db->fetch_assoc($query);
        foreach ($userinfo as $key => $value)
        {
        	$userinf[$key] = $value;

        }
	$_SESSION['user'] = $userinf;

	if(isset($_SESSION['user']['email'])) 
	{
		return true;
	}
	else
	{
		return false;
	}

    }

    function login($email, $password, $sessions = true)
    {

        // Validation.
        
	$email = $this->_db->realescapestring($email);
	$email = strip_tags($email);
	$password = $this->_db->realescapestring($password);
	$password = strip_tags($password);

	// End validation.

	// Code the password to compare with that stored at registration.
        $password = md5($password);

	// Ask for email and password from MySQL.

        $sql = "SELECT email, password FROM users WHERE email='" . $email .
            "'  AND password='" . $password . "';";

	// See if the user data exists in the database.

	$query = $this->_db->query($sql);	
	//print($this->_db->numrows($query));
        if ($this->_db->numrows($query) > 0)
        {
		// I don't know why but I wanted to have the class know the email, on initialisation
            //$this->_email = $email; // In fact, scrap that now.
            
		// If I want to apply sessions, here they are.
		if($sessions) {
			// Set sessions for rest of user details..
			if($this->loadDetails($email)) {

				// Set sessions as loggedin, I did this here for security reasons.
				$_SESSION['user']['loggedin'] = true;
				// Return the function , everything's set.

				return true;

			}
			else
			{
				// If the loadDetails function returns false, return this function false also.
				return false;
			}
		} else {
			return true;
		}
        
	// If the user doesn't exist in the database...
        }
        else
        {
		//...return false.
            return false;

        }

    }


}
?>

 

When I print_r my $_SESSION['user'] after calling my login script (the sessions are set in loadDetails)... I get this output

user Object ( [_db:private] => db Object ( [_db:private] => mysqli Object ( ) [_queries:private] => 0 ) [external] => )

As though it's applied my user object to my $_SESSION['user'].  I don't understand.  ???


I don't mean to double post but I couldn't locate the edit function to edit my previous post.

 

Anyways.  I completely annotated my code so that you can understand exactly what is going on.  I highlighted where the error is.

 

 

<?php
/*
* user.class.php
*
* @package 
* @author matthew haworth
* @copyright 2007
* @version $Id$
* @access public
*/
class user
{

// This is where I will store the database class.
    private $_db;


// Construct the user class. This means taking the object $db and applying it to the private variable $_db.
    function __construct(&$db)
    {
        $this->_db = $db;
    }

    
// The check login function sees if the $_SESSION['user']['loggedin'] variable is set to true and returns
// true or false depending on what it finds.  Actually useless as the code if($_SESSION['user']['loggedin'])
// would work adequately.
function checkLogin()
    {

        if ($_SESSION['user']['loggedin'])
        {

            return true;

        }
        else
        {
            return false;
        }

    }


// The register function accepts two arguments, $email and $password.  It cleans both variables before placing
// them into the database and logging the user in.
    function register($email, $password)
    {

        // Validation.

	$email = $this->_db->realescapestring($email);
        $email = strip_tags($email);
        $password = $this->_db->realescapestring($password);
        $password = strip_tags($password);

        // End validation.

	// Encrypt the password to compare to the one stored in the database.
	// It goes into $hash so that login() below still receives the plain
	// password; login() applies md5() itself and would otherwise hash twice.
        $hash = md5($password);
        // This creates a date compliant with SQL's datetime format
        $date = date('Y-m-d H-i-s');

        // This checks to see if the username already exists.  
	$sql = "SELECT email FROM users WHERE email='".$email."';";
	$query = $this->_db->query($sql);
	$numrows = $this->_db->numrows($query);
	if($numrows > 0) {
		return "Email already exists";
	}

	// The following SQL inserts the email, password and registered datetime into the database.
        $sql = "INSERT INTO users(email, password, registered) VALUES('" . $email .
            "', '" . $hash . "', '" . $date . "');";

	// This calls up the query function in my database class to apply the SQL.
        if ($this->_db->query($sql))
        {
        	// If the query is successful, log the user in and hence set up the sessions variables.
            $this->login($email, $password);
            return true;
        }
        else
        {
        	// If the query fails, return the function as false.
            return false;
        }

    }


// This is a function to load the Details of the user into session variables, it takes the $email only,
// this is why I have made it a private function, so I can't accidentally cheat a user into it.  It is called
// only from the function 'login' which sets the 'loggedin' session variable itself.
    private function loadDetails($email)
    {
	// This sql selects all of the user information besides the password.
        $sql = "SELECT iD, email, registered FROM users WHERE email='" . $email . "';";
        // This processes the query, once again using my database class.
        $query = $this->_db->query($sql);
        // This fetches the array from the query object the mysqli produces.
        $userinfo = $this->_db->fetch_assoc($query);
        // This iterates through the keys and values of the array and appends them to the variable, $userinf.
        foreach ($userinfo as $key => $value)
        {
        	// THIS IS WHERE THE ERROR EXISTS.
            $userinf[$key] = $value;

        }
        // This applies the $userinf array to the session variable 'user'
        $_SESSION['user'] = $userinf;

	// This is simply a check to see if it was successful.
        if (isset($_SESSION['user']['email']))
        {
            return true;
        }
        else
        {
            return false;
        }

    }
    // This function exists to check if the user is valid and also load the sessions variables using the private function, loadDetails..
    function login($email, $password)
    {

        // Validation.

        $email = $this->_db->realescapestring($email);
        $email = strip_tags($email);
        $password = $this->_db->realescapestring($password);
        $password = strip_tags($password);

        // End validation.

        // Code the password to compare with that stored at registration.
        $password = md5($password);

        // Ask for email and password from MySQL.

        $sql = "SELECT email, password FROM users WHERE email='" . $email .
            "'  AND password='" . $password . "';";

        // See if the user data exists in the database.
        $query = $this->_db->query($sql);
        if ($this->_db->numrows($query) > 0)
        {
            // Set sessions for rest of user details..
        	if ($this->loadDetails($email))
            {

                // Set sessions as loggedin, I did this here for security reasons.
                $_SESSION['user']['loggedin'] = true;
          
	        // Return the function , everything's set.
                return true;

            }
            else
            {
                // If the loadDetails function returns false, return this function false also.
                return false;
            }

	}
        else
        {
            //...return false.
            return false;

        }

    }


}
?>

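A hardened variant of the register/login flow from the post above, as an added example that is not the poster's code: bound parameters instead of escaping plus string concatenation, password_hash()/password_verify() instead of md5(), and the password hashed exactly as typed. The function names, the PDO connection and the in-memory SQLite table standing in for the thread's MySQL users table are assumptions for the demo.

```php
<?php
// Added example. Assumption: PDO with an in-memory SQLite `users` table (constructed for the demo).
function demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (iD INTEGER PRIMARY KEY, email TEXT UNIQUE, password TEXT, registered TEXT)');
    return $pdo;
}

function register_user(PDO $pdo, string $email, string $password): bool
{
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return false;
    }
    // Bound parameters replace escaping; the password is hashed unmodified
    // (no strip_tags) with a salted, deliberately slow algorithm.
    $check = $pdo->prepare('SELECT 1 FROM users WHERE email = ?');
    $check->execute([$email]);
    if ($check->fetchColumn() !== false) {
        return false; // email already registered
    }
    $ins = $pdo->prepare('INSERT INTO users (email, password, registered) VALUES (?, ?, ?)');
    return $ins->execute([$email, password_hash($password, PASSWORD_DEFAULT), date('Y-m-d H:i:s')]);
}

function login_user(PDO $pdo, string $email, string $password): bool
{
    // Fetch by email only, then compare the typed password with the stored hash.
    $sel = $pdo->prepare('SELECT iD, email, password, registered FROM users WHERE email = ?');
    $sel->execute([$email]);
    $row = $sel->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['password'])) {
        return false;
    }
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true); // fresh session ID once the user is authenticated
    }
    unset($row['password']); // the hash never goes into the session
    $_SESSION['user'] = $row + ['loggedin' => true];
    return true;
}

// Constructed sample data.
$pdo = demo_db();
var_dump(register_user($pdo, 'alice@example.com', 'p<a>ss word'));
var_dump(login_user($pdo, 'alice@example.com', 'p<a>ss word'));
var_dump(login_user($pdo, 'alice@example.com', 'pss word'));
```

The third call fails because the password is no longer passed through strip_tags(), which would turn 'p<a>ss word' into 'pss word' before hashing.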

Have you tried echoing out the $key and $value as they are being passed into $userinf to test and see that the valid data is being passed?

 

Ah.  I tried that and got the following.

iD4emailthomas @ thomas . comregistered2007-08-18 02:44:39  (// I separated em to prevent an automatically created link)

That means that the problem must occur when it appends it to the $_SESSION['user'].  ??? Why is this?

FIXED :D.  Thanks a lot!
