Help with PHP Coding

[c.barber]

I am new to php, where do i put this then?:

full check_login.php file:

PHP Code:

<html>
<head>
<title>Untitled Document</title>
</head>

<body>
<?php
session_start();
/* check login script, included in db_connect.php. */



if (!isset($_SESSION['username']) || !isset($_SESSION['password'])) {
    $logged_in = 0;
    return;
} else {

    // remember, $_SESSION['password'] will be encrypted.

    if(!get_magic_quotes_gpc()) {
        $_SESSION['username'] = addslashes($_SESSION['username']);
    }


    // addslashes to session username before using in a query.
    $pass = $db_object->query("SELECT password FROM users WHERE username = '".$_SESSION['username']."'");

    if(DB::isError($pass) || $pass->numRows() != 1) {
        $logged_in = 0;
        unset($_SESSION['username']);
        unset($_SESSION['password']);
        // kill incorrect session variables.
    }

    $db_pass = $pass->fetchRow();

    // now we have encrypted pass from DB in 
    //$db_pass['password'], stripslashes() just incase:

    $db_pass['password'] = stripslashes($db_pass['password']);
    $_SESSION['password'] = stripslashes($_SESSION['password']);



    //compare:



    if($_SESSION['password'] == $db_pass['password']) { 
        // valid password for username
        $logged_in = 1; // they have correct info
                    // in session variables.
    } else {
        $logged_in = 0;
        unset($_SESSION['username']);
        unset($_SESSION['password']);
        // kill incorrect session variables.
    }
}


// clean up
unset($db_pass['password']);

$_SESSION['username'] = stripslashes($_SESSION['username']);

?>
</body>
</html>

Can you tell me where in the above file that needs to go?

Sorry about this, I don't know much about PHP

[Dylan B]

Change the top to

PHP Code:

<?php
session_start(); 
?>
<html>
<head>
<title>Untitled Document</title>
</head>

<body>

YOu need to put session_start before any output to the browser.

[c.barber]

oh I know what you mean now, sorry

Now I get:

Warning: Cannot send session cookie - headers already sent by (output started at c:\phpdev5\www\public\php stuff\register.php:9) in c:\phpdev5\www\public\php stuff\check_login.php on line 2

Warning: Cannot send session cache limiter - headers already sent (output started at c:\phpdev5\www\public\php stuff\register.php:9) in c:\phpdev5\www\public\php stuff\check_login.php on line 2

So many errors lol

[Dylan B]

Do you have anyting before the session_start();? Even whitespace?

[c.barber]

nope no space at all

PHP Code:

<?php
session_start();
?> 
<html>
<head>
<title>Untitled Document</title>
</head>
<body>

[c.barber]

Ive fixed it! I added

<?php
session_start();
?>

to the beginning of EVERY page

Only error I get is once I have registered:

Warning: Unknown modifier '/' in c:\phpdev5\www\public\php stuff\register.php on line 82

line 82 of register.php:

if ($_POST['website'] != '' & !preg_match("/^(http|ftp):///", $_POST['website'])) {

How do i get rid of this error?

[Dylan B]

Like I said, that deals with regular expressions, which sadly I am not skilled in. I would start a new forum post for that issue, maybe someone will help you.

[markl999]

Try:
if ($_POST['website'] != '' & !preg_match("/^(http|ftp):\/\//", $_POST['website'])) {

[c.barber]

thanks, thats got it