OK, I am trying to make a login system.

I have all the classes made up to perform the basics of the system.

But when I run a simple script I wrote to add a user, it makes it through with no errors, but it does not create the user.

I ran the following to make sure it was working and to give me a default user to work with.

 

<?php

include('inc/security.php');
$reg = new Registration('myemail@mysite.com','username','pass');

$reg->addUser();
echo "<strong>CONGRADULATIONS</strong>";
?>

 

I am using four files in the system.

config.php <- contains my global connection variables, which are all correctly entered.

security.php <- contains the bulk of the processing for the system.

db.php <- contains the database connection and a few methods to handle interaction with the database.

mysql.php <- contains all the queries on the database.

 

DB.php

<?php

//include constant variables
include('config.inc.php');

class Db {

var $sql_database;
var $sql_user;
var $sql_pass;
var $sql_host;
var $sql_tbl_prefix;
var $theQuery;

/*
=================================================================
|	 #1 - Constructor
|	*********************************************************
|		Description:
|			acquires variables for database connection.
=================================================================
*/
function Db(){
	$this->sql_database = DB_NAME;
	$this->sql_user = DB_USER;
	$this->sql_pass = DB_PASS;
	$this->sql_host = DB_SERVER;
	$this->sql_tbl_prefix = TBL_PREFIX;

	$host = $this->sql_host;
	$db = $this->sql_database;
	$user = $this->sql_user;
	$pass = $this->sql_pass;

	$this->link = mysql_connect($host, $user, $pass) or die(mysql_error());
	mysql_select_db($db, $this->link) or die(mysql_error());
	register_shutdown_function(array(&$this, 'close'));
}

/*
=================================================================
|	 #2 - Query
|	*********************************************************
|		@q - string: a query to be carried out
|	[-------------------------------------------------------]
|		Description:
|			carries out the given query
=================================================================
*/
function query($q){
	$this->theQuery = $q;
	return mysql_query($q, $this->link);
}
?>

 

The MySql class

<?php
include('db.php');

class MySql extends Db {

function insertUser($user,$pass,$email,$sid,$time) {
$sql = 'INSERT INTO users (user_pass, user_name, user_lvl, user_email, user_timestamp, user_sid, user_ip) VALUES ("'.$pass.'","'.addslashes($name).'","1",,"'.addslashes($email).'","'.$time.'","'.$sid.'","'.$_SERVER['REMOTE_ADDR'].'")';
Db::query($sql);
}

?>

 

Parts of Security.php pertaining to the script

<?php

//include files used for queries
include('mysql.php');
include('config.inc.php');
$q = new MySql;

//core class for the security/login system; contains all the core methods and variables
class Security {

//header injection check variables
public $hi_check = array (    "%0A",
					"%0D",
					"bcc:",
					"cc:",
					"mime-type:",
					"content-type:"	,
					"from:",
					"to:",
					"Bcc:",
					"Cc:",
					"Mime-Type:",
					"Content-Type:",
					"From:",
					"To:",
					"\\r",
					"\\n",
					"\\"
				);

//strip header injections
public function stripHeaders($value) {
	$value = str_replace($this->hi_check, "", $value);
	return $value;
}	

//clean user submitted data
public function cleanValue($data) {
	$clean = htmlspecialchars(stripslashes(trim($data)));
	return $clean;
}	

//create sid
public function generateSid() {
	$sid = substr(md5(sha1(mt_rand(1,)),0,32);
	return $sid;
}	

//hash data
public function hashValue($data){
	$hash = substr(md5(sha1($data)),0,32);
	return $hash;
}	

//create a timestamp
public function generateTimestamp() {
	$stamp = date(m.'-'.d.'-'.Y.' / '.g.':'.i.' '.A);
	return $stamp;
}
}

//class is used to register a new user
class Registration extends Security {

//values for registering/ from query
var $values 	= array ("name"	=> '',
				"pass" 	=> '',
				"email"	=> '',
				"sid"	=> ''
			);

//constructor
function Registration($email,$user,$pass) {
	//clean
	$user	= Security::cleanValue($user);
	$email	= Security::cleanValue($email);

	//strip headers
	$user	= Security::stripHeaders($user);

	//set values
	$this->values['name'] = $user;
	$this->values['pass'] = Security::hashValue($pass);
	$this->values['email'] = $email;
	$this->values['sid'] = Security::generateSid();
}

//add user
function addUser() {
	global $q;
	$email 	= $this->values['email'];
	$sid	= $this->values['sid'];
	$pass	= $this->values['pass'];
	$user	= $this->values['name'];
	$time	= Security::generateTimestamp();
	$q->insertUser($user,$pass,$email,$sid,$time);
	switch(VALIDATION_METHOD) {
		case 0:
			$this->generateEmail();
		break;

		case 1:
			$this->generateValidEmail();
		break;

		case 2:
			$this->generateAdminValidEmail();
		break;
	}

}

//create validation email
function generateValidEmail() {
	$to 		 = $this->values['email'];
	$subject	 = SITE_NAME.' registration';
	$headers	 = 'FROM:'.ADMIN_EMAIL;
	$headers	 = 'Bcc: ';
	$headers	 = 'Cc: ';
	$msg		 = 'Thank you for registering with '.SITE_NAME."\n\n";
	$msg		.= 'USERNAME:'.$this->vaules['user']."\n";
	$msg		.= 'PASSWORD:'.$pass."\n\n";
	$msg		.= 'Please keep your username and password in a safe place, you will need them to login'."\n\n";
	$msg		.= 'The administrator requires further activation before you are able to login. Please click the link below to activate your account.'."\n\n";
	$msg		.= 'http://www.'.SITE_URL.'?sid='.$this->values['sid']."\n\n";
	$msg		.= 'Thank you again for your interest in '.SITE_NAME."\n";
	$msg		.= '-: '.ADMIN.' :-'."\n";	
	mail($to,$subject,$msg,$headers);
}   

//create non-validation welcome email
function generateEmail() {
	$to 		 = $this->values['email'];
	$subject	 = SITE_NAME.' registration';
	$headers	 = 'FROM:'.ADMIN_EMAIL;
	$headers	 = 'Bcc: ';
	$headers	 = 'Cc: ';
	$msg		 = 'Thank you for registering with '.SITE_NAME."\n\n";
	$msg		.= 'USERNAME:'.$this->vaules['user']."\n";
	$msg		.= 'PASSWORD:'.$pass."\n\n";
	$msg		.= 'Please keep your username and password in a safe place, you will need them to login'."\n\n";
	$msg		.= 'The administrator requires further activation please allow up to 24hrs for the administrator to activate your account'."\n\n";
	$msg		.= 'Thank you again for your interest in '.SITE_NAME."\n";
	$msg		.= '-: '.ADMIN.' :-'."\n";	
	mail($to,$subject,$msg,$headers);
}

//create admin-validation welcome email
function generateAdminValidEmail() {
	$to 		 = $this->values['email'];
	$subject	 = SITE_NAME.' registration';
	$headers	 = 'FROM:'.ADMIN_EMAIL;
	$headers	 = 'Bcc: ';
	$headers	 = 'Cc: ';
	$msg		 = 'Thank you for registering with '.SITE_NAME."\n\n";
	$msg		.= 'USERNAME:'.$this->vaules['user']."\n";
	$msg		.= 'PASSWORD:'.$pass."\n\n";
	$msg		.= 'Please keep your username and password in a safe place, you will need them to login'."\n\n";
	$msg		.= 'Thank you again for your interest in '.SITE_NAME."\n";
	$msg		.= '-: '.ADMIN.' :-'."\n";	
	mail($to,$subject,$msg,$headers);
}
}

 

I have done an echo after each line and whatnot; it is getting the data and sending the email, it just does not insert into the database.

Any help is appreciated. Also keep in mind I am new to OOP in PHP. This is my first attempt, so if I have made some flaws in my implementation please point me in the right direction so I can avoid them in the future. Thanks.
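
An added example, not part of the original post: in the code as posted, the return value of mysql_query() is discarded, so an INSERT the server rejects (the statement contains `"1",,` and uses `$name` where the parameter is `$user`) produces no visible error. The version below makes failures throw and replaces string-built SQL, `md5(sha1())` and `mt_rand()` with bound parameters, `password_hash()` and `random_bytes()`. The column names follow the post; the in-memory SQLite database, the `user_id` column, the UNIQUE constraint and the sample values are assumptions made so the script runs on its own.

```php
<?php
// Added example, not the poster's code. Column names follow the INSERT in the post;
// the SQLite in-memory DSN is an assumption (use a mysql: DSN in practice).
declare(strict_types=1);

function openDb(): PDO {
    $pdo = new PDO('sqlite::memory:');
    // Throw on any SQL error instead of returning false silently.
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (
        user_id INTEGER PRIMARY KEY, user_pass TEXT NOT NULL,
        user_name TEXT NOT NULL UNIQUE, user_lvl INTEGER NOT NULL,
        user_email TEXT NOT NULL, user_timestamp TEXT NOT NULL,
        user_sid TEXT NOT NULL, user_ip TEXT NOT NULL)');
    return $pdo;
}

function insertUser(PDO $pdo, string $name, string $pass, string $email, string $ip): string {
    // Unpredictable activation token from the CSPRNG, not mt_rand().
    $sid = bin2hex(random_bytes(16));
    // Placeholders keep data out of the SQL text; no addslashes() needed.
    $stmt = $pdo->prepare(
        'INSERT INTO users (user_pass, user_name, user_lvl, user_email,
                            user_timestamp, user_sid, user_ip)
         VALUES (:pass, :name, 1, :email, :ts, :sid, :ip)');
    $stmt->execute([
        ':pass'  => password_hash($pass, PASSWORD_DEFAULT), // salted, slow hash
        ':name'  => $name,
        ':email' => $email,
        ':ts'    => gmdate('Y-m-d H:i:s'),
        ':sid'   => $sid,
        ':ip'    => $ip,
    ]);
    return $sid;
}

$pdo = openDb();
// Constructed sample input, including a quote that would break string-built SQL.
$sid = insertUser($pdo, 'o"brien', 'pass', 'myemail@mysite.com', '192.0.2.10');
$row = $pdo->query('SELECT user_name, user_pass FROM users')->fetch(PDO::FETCH_ASSOC);
printf("stored %s, sid %s, password ok: %s\n", $row['user_name'], $sid,
    var_export(password_verify('pass', $row['user_pass']), true));

try {
    insertUser($pdo, 'o"brien', 'pass2', 'other@mysite.com', '192.0.2.10');
} catch (PDOException $e) {
    // A failed INSERT is now visible instead of being discarded.
    echo 'insert rejected: ', $e->getMessage(), "\n";
}
```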
