FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


another question for all the PHP gods out there..........^^





Bejeweledhorses
ANOTHER QUESTION

okay, i have the login stuff all set up, but i cant seem to do one thing- i can't restrict access to pages

what i mean is that i dont know how to do this:

For a page called "MAPS" , i want it to say- Oops! your not logged in! login here.........- (if the person is not logged in)

or

if the person IS logged in, it would show the page as it should look normally.......


HELP ANYONE?!?!?!?!?!!?
does anyone have a code for this?
thanks so much!^^
hexkid
Bejeweledhorses wrote:
i have the login stuff all set up, but ... i can't restrict access to pages

Well ... it would help to know how your login stuff works.

Usually, the login stuff sets a session variable that is checked on other pages.
Code:
// login
if (loginok()) {
  $_SESSION['userid'] = 42;
} else {
  $_SESSION['userid'] = 0;
}


Code:
// other pages
if ($_SESSION['userid'] == 0) {
  // not logged in: redirect
  header('Location: login.php');
  exit('Redirected to <a href="login.php">login</a>.');
}
// rest of page
manum
ok do this

add these lines to every file 2 protect

<?php
session_start();
if(ISSET($_SESSION['loggedin']))
{
}
else
{
echo("please log in");
}
?>

and don't remember to set $_SESSION['loggedin'] when a user logs in from login.php

need more help contact me with ur login php script
Bejeweledhorses
thanks so much guys-
i guess that i need a lot more practice with php! wish me luck! thanks!
Bejeweledhorses
ummmmmmmmmmm, hexkid- i put your code in and it comes up as this:


(the first code
// login
if (loginok()) {
$_SESSION['userid'] = 42;
} else {
$_SESSION['userid'] = 0;
})

and the page looks like this:


Fatal error: Call to undefined function: loginok() in /home/bejewele/domains/bejeweledhorses.frih.net/public_html/news.php on line 3
Bejeweledhorses
how do i keep my members in session?
i put in the second code of hexkid and it works fine but then, when my members log in, it blocks them too!

The login logout thing i have is VERY basic:

Remeber-sometimes i can be VERY dumb-so please walk me through this like a 4 yr old..................^^
hexkid
Hmmm ... you have to define the login() function; that's why you get "undefined function".

Your members login through a from with name/password, right?
Let's say the names of the inputs are "name" and "password" -- so they are visible to PHP as $_POST['name'] and $_POST['password']. The login() function must validate that info, something like this:
Code:
<?php
function login() {
  if (($_POST['name'] == 'John') && ($_POST['password'] == 'fortytwo')) return true;
  if (($_POST['name'] == 'Mike') && ($_POST['password'] == 'f00d')) return true;
  if (($_POST['name'] == 'Ann') && ($_POST['password'] == 'star')) return true;
  return false;
}
?>
Of course that doing it like this means they can't change their password, and it's a PITA to add/remove members. I have no idea how your members are set up (database?, text file? one name only?) so that's why I didn't right the function in the first place. Also the $_SESSION['userid'] should not be 42, but the number that identifies the user in your system; I prefer to use a number, rather than just $_SESSION['loggedin'], because with a number I have the logeedin information as well as the identification in the same place.
Rhysige
Well for starter you were supposed to MAKE the function loginok()... but anyway Login systems are simple.

First when they enter their username and password check that they match the stuff in the database, if they do then setup their sessions etc, for example you would put
Code:
$_SESSION['loggedin'] = 1;


Now to secure a page I suggest you make a function thats simply called securePage()

This function should look somehwat like the following
Code:

function securePage(){
if($_SESSION['loggedin'] == 1){
return true;
}else{
die('You are not allowed to access this page bugger off and login');
}
Bejeweledhorses
rhysieage, i put in you code and this is what i get:


Parse error: syntax error, unexpected $end in /home/bejewele/domains/bejeweledhorses.frih.net/public_html/map.php on line 27

i put in:
<?php
$_SESSION['loggedin'] = 1;


function securePage(){
if($_SESSION['loggedin'] == 1){
return true;
}else{
die('You are not allowed to access this page!Please go and login');
}
?>


*did i do somehting wrong again? this is so hard! i use databases and tables to keep track of members. Any advice or help in codes? thanks!^^*
MrBlueSky
Bejeweledhorses wrote:
rhysieage, i put in you code and this is what i get:


Parse error: syntax error, unexpected $end in /home/bejewele/domains/bejeweledhorses.frih.net/public_html/map.php on line 27

i put in:
<?php
$_SESSION['loggedin'] = 1;


function securePage(){
if($_SESSION['loggedin'] == 1){
return true;
}else{
die('You are not allowed to access this page!Please go and login');
}
?>


*did i do somehting wrong again? this is so hard! i use databases and tables to keep track of members. Any advice or help in codes? thanks!^^*


You are missing a '}'

Quote:


<?php
$_SESSION['loggedin'] = 1;


function securePage(){
if($_SESSION['loggedin'] == 1){
return true;
}else{
die('You are not allowed to access this page!Please go and login');
}
}
?>
Bejeweledhorses
thank you- yes, your explaination made sense. one more tiny question:Is there a specific function that lets you display the updated page of a person's homepage?
lets say i wanted people to see how many "pets" they had. how do i call the function to display it from a database table?

thanks!
Bejeweledhorses
whats the difference between
long text
and
BLOB
and text

how should i make it if i want it to show html?

should i selected BLOB?

(used in Mysql databses)
Bejeweledhorses
ummmmmmmmmm how do you make teh following show up on a users page:


Welcome (username)! this is your stable!
Bejeweledhorses
anyone? does anyone know how this function is supposed to work?
Bejeweledhorses
i can't figure out how to make a page show a specific users section of a table! please help!
MrBlueSky
I'm sorry Bejeweledhorses, but I think you're question is to vague for anyone to help you. Try to be more specific. Post some code you have so far. What exactly is the problem? Where do you get stuck?
Bejeweledhorses
i cant get it to say, welcom user #123! This is your stable!

then you see that users stable layout

underneath would show what horses they own

at the bottm, there would be a small text box that allows them to update it........


i use databases,mysql, phpMyAdmin, html,and PHp to code this page that would be something like ''www.blahstables.com/stables.php''


I heard that there was a extension like www.blahworld.com/stables.php?=userid123 or somehting like that...........what does it mean and how can i use it?

Is this specific enough?


THanks so much for responding!!!
DanielXP
http://rmb-scripting.com/tutorials.php?tutorial&tid=58

For a basic user system.
AOP Web Development
try this code dude.


if(!session_is_registered("userid") and !session_is_registered("password")){

echo "<script>alert('Sorry, You don't have a privilege to view this page please login! ')</script>";

echo "<script>window.location='login.php'</script>";

}


This dude will check if the user registered in the session and it will check if the user is registered then he/she can view the page but if not it will pop up a message the he/she can't view the page unless it will login and then it will automatically redirect to login page.


If you want you can exclude the popup message to not be annoying and it will automatically redirect to login page.. i hope it helps.!
I hope it can help dude..
mathiaus
That's javascript though right? So by turning it off, I won't be redirected, and as the rest of the code isn't in an else, I'll still have access to everything.
Rhysige's code is much more secure.

From the URL, take the user_id
Code:
$user_id = $_GET['userid'];

and use it in your mysql statement to get that person's horses. Something like this (though without knowing your schema its hard to guess)
Quote:
SELECT `horses` FROM `stables` WHERE ownerid=$user_id


As for the stable layout, how do you know who has which layout and what are they? (images???)

For the 'Welcome (username)' to work, you need to have their username somewhere. If it's stored in a session that's handy, otherwise you'll have to retrieve it from your database. As to putting it into your page, are you using a template engine or just applying the php code to the appropriate HTML code part?
AOP Web Development
I forget dude just add else statement to the other page so that it will not view the page...


regarding in your statement [code]$user_id = $_GET['userid']; do i have to check it on every pages to know if this person is log in... i think it would be better to login once and store it to session.



mathiaus wrote:
That's javascript though right? So by turning it off, I won't be redirected, and as the rest of the code isn't in an else, I'll still have access to everything.
Rhysige's code is much more secure.

From the URL, take the user_id
[code]$user_id = $_GET['userid'];[/code]
and use it in your mysql statement to get that person's horses. Something like this (though without knowing your schema its hard to guess)
Quote:
SELECT `horses` FROM `stables` WHERE ownerid=$user_id


As for the stable layout, how do you know who has which layout and what are they? (images???)

For the 'Welcome (username)' to work, you need to have their username somewhere. If it's stored in a session that's handy, otherwise you'll have to retrieve it from your database. As to putting it into your page, are you using a template engine or just applying the php code to the appropriate HTML code part?
Bejeweledhorses
all i want is a page that can differentiate between users and show there horses and stable layout. when others click on there name, they should be able to see that persons stable page but not be able to update it. Its kind of like neopets but a little different...............










i use a database for this.........i want the layout for the thing to be TEXT only.....

i am still a bit confused............

table for members is:
id username password


the table has the following sections for stables:
stableID stable_name layout

a seperate table in a seperate database has Horses
horseid name color ownerid breed gender


i am getting a bit confused.......... am i clearing up what i am asking in the first place at all?

thanks for the help so far guys- i will try it and maybe if i adjust it a little bit it will work...
Gundamxxg
try using this code, it is directly from something that I use.

for the welcome script:

Code:

session_start();
// include 'connect.php';
// the include above you dont necessarily need however you will need this

$dbuser = // here you would put your db username
$dbpass = // here you would put your db password
$database = // here you would put the name of the database that you are selecting

mysql_connect("localhost", "$dbuser", "$dbpw");
mysql_select_db("$database");


$username = trim($_POST['user']); // form field should be called user
$password = trim($_POST['pass']); // form field should be called pass
$password = md5($password);
$login = $_POST['login']; // the form function for the login should be called login
if (isset($login))
     {
$sql = "select * from members where username = '$username' AND password = '$password'";
$result = mysql_query($sql);
    }
$nummatches = @mysql_num_rows($result);   
if ($nummatches > 0)
    {
$_SESSION['approved'] = 'yes';
$_SESSION['user'] = $username;
    }
if ($nummatches == 1 || $_SESSION['approved'] == 'yes')
    {

// logged in page content would go here
//
//
//

} else {

// display the login area here //

}
?>



now for the actual calling of the name
put this at the top of the page where ever you want to use the users name

Code:

<?
start_session();

$username = $_SESSION['user'];

?>

<!-- in your html you would put this -->

<p>welcome <? echo "$username"; ?> , </p>



that should be all the parts that you need to be able to display that information and have a proper login system.
Bejeweledhorses
Gundamxxg, this is what the page shows when i put your code in:



Fatal error: Call to undefined function: start_session() in /home/bejewele/domains/bejeweledhorses.frih.net/public_html/stafflist.php on line 12
Bejeweledhorses
i dont need a login page! i already have one! i need a layout/homepage for each user that can be viewed! Yikes! my brain hurts!
Android
Bejeweledhorses wrote:
Gundamxxg, this is what the page shows when i put your code in:



Fatal error: Call to undefined function: start_session() in /home/bejewele/domains/bejeweledhorses.frih.net/public_html/stafflist.php on line 12


the function should be session_start() I believe
Gundamxxg
Bejeweledhorses wrote:
i dont need a login page! i already have one! i need a layout/homepage for each user that can be viewed! Yikes! my brain hurts!


what you are going to need to do then is add dynamic links to each persons page and have the information in the database called in with php. To do so you will need to make a templated page that you will use. To get the information from the database you should use the GET method and make the links use that format. eg. /yourpage.php?user=$id where $id is available for each and every user that you have. That id will be me the main force behind all your information. If you need any additional help with this you can PM me and I can try to walk you through it step by step.
Manofgames
bejeweledhorses:
I suggest you post your database structure for the users table,a nd the table where you store the info about each person's horses in the stable.

http://uk2.php.net/session_start that is the link, and yes the function should be session_start()

also, I think most of the scripts here would display the page, even if the user had no credentials to do so.

I think you should place exit(); after the part of the script that displays something if the user is logged in.
that would stop the rest of the script from executing.

here's my idea for you bejeweled horses:

Code:

<PHP
function mydie($error, $email, $subject){
echo "We appear to have a problem :(<br />The admin has been mailed";
$date = date('l dS \of F Y h:i:s A');
$message = "Admin, \n an error occured at $date . \n Error: \n\n\n $error  \n\n\n Thanks, \n\n Auto gend error";
mail ($email, $subject, $message);
}



$dispuser = addslashes($_GET['uid']);
//At this point, I presume a connection to the correct database is open

$getpersonquery = "SELECT * FROM stableinfo WHERE uid='$dispuser'";
$executequery = mysql_query($getpersonquery);
if (!$executequery) {
   die(mydie(mysql_error(), 'admin@thesite.com', 'A MYSQL ERROR HAS OCCURED');
}//If something has gone wrong, the script will mail you the error and 'die' after showing the user a message

if(mysql_num_rows ($executequery) == '0'){
echo "No results were returned";
exit();
}
$row = mysql_fetch_assoc($executequery)

echo "Hello, this is ".$row['ownername']."'s stable";
echo "They have horse: <b> $row['horsename'] </b><br/>";
echo "Their stable number is: <b> $row['stablenumber'] </b><br />";
?>

It will get the uid from the url, ie: http://www.yourdomain.com/showstable.php?uid=1 and display info from the DB about that person's stable / horse

it should hopefully work ok, but may need a bit of modifying to work with your script.

If all goes well it should display something like:

Hellothis is Bejeweled's stable
They have horse: Bejeweledhorses
Their stable number is: 001

email me if you have any trouble (the email button below this post)
Related topics
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.