Stickybomb Posted October 9, 2007 Share Posted October 9, 2007 ok I am trying to make a login system. i have all the classes made up to perform the basics of the system. but when i run a simple script i wrote to add a user it makes through with no errors, but it does not create the user. i ran the following to make sure it was working and to give me a default user to work with. <?php include('inc/security.php'); $reg = new Registration('myemail@mysite.com','username','pass'); $reg->addUser(); echo "<strong>CONGRADULATIONS</strong>"; ?> i am using four files in the system. config.php <- contains my global connection variables which are all correctly entered. security.php <- contains the bulk of the processing for the system. db.php <- contains the database connection and a few methods to handle interaction with the database. mysql.php <- contains all the querys on the database. DB.php <?php //include constant variables include('config.inc.php'); class Db { var $sql_database; var $sql_user; var $sql_pass; var $sql_host; var $sql_tbl_prefix; var $theQuery; /* ================================================================= | #1 - Constructor | ********************************************************* | Description: | aquires variables for database connection. ================================================================= */ function Db(){ $this->sql_database = DB_NAME; $this->sql_user = DB_USER; $this->sql_pass = DB_PASS; $this->sql_host = DB_SERVER; $this->sql_tbl_prefix = TBL_PREFIX; $host = $this->sql_host; $db = $this->sql_database; $user = $this->sql_user; $pass = $this->sql_pass; $this->link = mysql_connect($host, $user, $pass) or die(mysql_error()); mysql_select_db($db, $this->link) or die(mysql_error()); register_shutdown_function(array(&$this, 'close')); } /* ================================================================= | #2 - Query | ********************************************************* | @q - string: a query to be carried out | [-------------------------------------------------------] | Description: | carrys out the given query ================================================================= */ function query($q){ $this->theQuery = $q; return mysql_query($q, $this->link); } ?> the MySql class <?php include('db.php'); class MySql extends Db { function insertUser($user,$pass,$email,$sid,$time) { $sql = 'INSERT INTO users (user_pass, user_name, user_lvl, user_email, user_timestamp, user_sid, user_ip) VALUES ("'.$pass.'","'.addslashes($name).'","1",,"'.addslashes($email).'","'.$time.'","'.$sid.'","'.$_SERVER['REMOTE_ADDR'].'")'; Db::query($sql); } ?> parts of Security.php pertaining to the script <?php //include files used for querys include('mysql.php'); include('config.inc.php'); $q = new MySql; //core class for the security/login system contains all the core methods and vaiables class Security { //header injection check variables public $hi_check = array ( "%0A", "%0D", "bcc:", "cc:", "mime-type:", "content-type:" , "from:", "to:", "Bcc:", "Cc:", "Mime-Type:", "Content-Type:", "From:", "To:", "\\r", "\\n", "\\" ); //strip header injections public function stripHeaders($value) { $value = str_replace($this->hi_check, "", $value); return $value; } //clean user submitted data public function cleanValue($data) { $clean = htmlspecialchars(stripslashes(trim($data))); return $clean; } //create sid public function generateSid() { $sid = substr(md5(sha1(mt_rand(1,)),0,32); return $sid; } //hash data public function hashValue($data){ $hash = substr(md5(sha1($data)),0,32); return $hash; } //create a timestamp public function generateTimestamp() { $stamp = date(m.'-'.d.'-'.Y.' / '.g.':'.i.' '.A); return $stamp; } } //class is used to register a new user class Registration extends Security { //values for registering/ from query var $values = array ("name" => '', "pass" => '', "email" => '', "sid" => '' ); //constructor function Registration($email,$user,$pass) { //clean $user = Security::cleanValue($user); $email = Security::cleanValue($email); //strip headers $user = Security::stripHeaders($user); //set values $this->values['name'] = $user; $this->values['pass'] = Security::hashValue($pass); $this->values['email'] = $email; $this->values['sid'] = Security::generateSid(); } //add user function addUser() { global $q; $email = $this->values['email']; $sid = $this->values['sid']; $pass = $this->values['pass']; $user = $this->values['name']; $time = Security::generateTimestamp(); $q->insertUser($user,$pass,$email,$sid,$time); switch(VALIDATION_METHOD) { case 0: $this->generateEmail(); break; case 1: $this->generateValidEmail(); break; case 2: $this->generateAdminValidEmail(); break; } } //create validation email function generateValidEmail() { $to = $this->values['email']; $subject = SITE_NAME.' registration'; $headers = 'FROM:'.ADMIN_EMAIL; $headers = 'Bcc: '; $headers = 'Cc: '; $msg = 'Thank you for registering with '.SITE_NAME."\n\n"; $msg .= 'USERNAME:'.$this->vaules['user']."\n"; $msg .= 'PASSWORD:'.$pass."\n\n"; $msg .= 'Please keep your username and password in a safe place, you will need them to login'."\n\n"; $msg .= 'The administrator requires further activation before you are able to login. Please click the link below to activate your account.'."\n\n"; $msg .= 'http://www.'.SITE_URL.'?sid='.$this->values['sid']."\n\n"; $msg .= 'Thank you again for your interest in '.SITE_NAME."\n"; $msg .= '-: '.ADMIN.' :-'."\n"; mail($to,$subject,$msg,$headers); } //create non-validation welcome email function generateEmail() { $to = $this->values['email']; $subject = SITE_NAME.' registration'; $headers = 'FROM:'.ADMIN_EMAIL; $headers = 'Bcc: '; $headers = 'Cc: '; $msg = 'Thank you for registering with '.SITE_NAME."\n\n"; $msg .= 'USERNAME:'.$this->vaules['user']."\n"; $msg .= 'PASSWORD:'.$pass."\n\n"; $msg .= 'Please keep your username and password in a safe place, you will need them to login'."\n\n"; $msg .= 'The administrator requires further activation please allow up to 24hrs for the administrator to activate your account'."\n\n"; $msg .= 'Thank you again for your interest in '.SITE_NAME."\n"; $msg .= '-: '.ADMIN.' :-'."\n"; mail($to,$subject,$msg,$headers); } //create admin-validation welcome email function generateAdminValidEmail() { $to = $this->values['email']; $subject = SITE_NAME.' registration'; $headers = 'FROM:'.ADMIN_EMAIL; $headers = 'Bcc: '; $headers = 'Cc: '; $msg = 'Thank you for registering with '.SITE_NAME."\n\n"; $msg .= 'USERNAME:'.$this->vaules['user']."\n"; $msg .= 'PASSWORD:'.$pass."\n\n"; $msg .= 'Please keep your username and password in a safe place, you will need them to login'."\n\n"; $msg .= 'Thank you again for your interest in '.SITE_NAME."\n"; $msg .= '-: '.ADMIN.' :-'."\n"; mail($to,$subject,$msg,$headers); } } i have done an echo after each line and what not it is getting the data and sending the email, it just does not insert to the database. any help is appriciated, also keep in mind I am new to oop in php. This is my first attempt so If I have made some flaws in my implementation please point me in the right direction so I can avoid them in the future thks. Quote Link to comment https://forums.phpfreaks.com/topic/72506-solved-problems-working-with-database/ Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.