SitePoint Sponsor

User Tag List

Results 1 to 3 of 3

Thread: Two Class Bugs

  1. #1
    SitePoint Member
    Join Date
    Aug 2005
    Posts
    24
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Two Class Bugs

    I have never used classes in any program lanuage before, but I decided to start, and they have became very useful. However I have two bugs and no idea on how to go about fixing them.

    Bug one: if a user incorrectly signs in on the homepage it returns any errors, if the user then navigates away from that page, and then uses the browser back button to navigate back, they are given a page expired warning and have to refresh.

    Bug two: if a user signs in succesfully, they are returned confirmation, however if a user happens to refresh the page, the confirmation is returned twice.

    Here are the two pages and the two classes.

    index.php
    PHP Code:
    <?php 
     session_start
    ();
     
    //includes need for page 
     
    include_once("scripts/loginClass.php");
     include_once(
    "scripts/sql.php"); 
     
    $form = new login(); 
     
    //checks if logged in
     
    if($_SESSION['username']) {
        
    $vaild true;
        
    $form->userLogged();
     }
     
    //if form has been sent validate it and return results
     
    if (isset($_POST['submit'])) {
        
    //check username and password are entered
        
    $form->isEmpty($_POST['username'], 'You must enter a username.'true);
        
    $form->isEmpty($_POST['password'], 'You must enter a password.'true);
        if(
    $form->err == 0) {
            
    //if so validate username and password 
            
    $password $_POST['password'];
            
    $password md5($password);
            
    $form->validate($_POST['username'], $password'Login failed.');
        }    
        if(
    $form->ifValid()) {
            
    //if vaild set valid a true, create username session, show user details 
            
    $vaild true;
            
    $_SESSION['username'] = $_POST['username'];
            
    $form->userLogged();    
        } else {
            
    //if not vaild show error
            
    $errors $form->showMsg();
            echo 
    $errors;
        }    
    }
     if(!
    $vaild) {
        
    //if vaild is not set show login form
    ?>
    <form action='<?php $_SERVER['PHP_SELF']; ?>' method="post" id="login">
     <label for="username">Username</label>
     <input type="text" name="username" id="username" value='<?php $form->ifPost($_POST['username']); ?>' />
     <br /> 
     <label for="password">Password</label>
     <input type="password" name="password" id="password" value='<?php $form->ifPost($_POST['password']); ?>' />
     <br />
     <input type='submit' id='submit' name='submit' value='Login' />
     <br />
    </form>
    <?php
     

    ?>
    <a href="register.php">Register</a>
    register.php
    PHP Code:
    <?php
     session_start
    ();
     
    //if user logged in goto homepage
     
    if($_SESSION['username']) {
        
    header("Location: index.php");
     }
     
    //include need files
     
    include_once("scripts/validatingClass.php");
     include_once(
    "scripts/sql.php"); 
     
    $form = new formCheck(5);
     
    $hash $form->passGen(11);
     
    //validate form when submitted
     
    if (isset($_POST['submit'])) {
        
    //if form has been submitted vailidate it
        
    $form->isUnique($form->checkLength($form->isAllChars($form->isEmpty($_POST['username'], 'You must choose a username.'true),'Your username must contain only letters.'), 'Username must be between 4-12 letters long.'124), 'users''username''Sorry this username is already registered');
        
    $form->checkLength($form->isEmpty($_POST['password'], 'You must choose a password.'true), 'Your password must be between 6-15 characters long.'156);
        
    $form->isUnique($form->isAllChars($form->isEmail($form->isEmpty($_POST['email'], 'You must supply an email address.'true), 'Please enter a vaild email address.'), 'Email address can not contain spaces.'), 'users''email''Someone has already registered with this email address.');
        
    $form->ifPass($form->isEmpty($_POST['pass'], 'You must verify the image.'true), $_POST['hash'], 'Image verification failed.');
        
    //if form is vaild set valid as true, add user to db, show comfirmation
        
    if($form->ifValid()) {
            
    $vaild true;
            
    $password $_POST['password'];
            
    $password md5($password);
            
    $sql "INSERT INTO users (user_id, username, password, email) 
                    VALUES ('', '"
    .$_POST['username']."', '".$password."', '".$_POST['email']."')";
            
    mysql_query($sql);
            echo 
    "Thank you for registering ".$_POST['username'];
            echo 
    "<br /><a href='index.php'>Homepage</a>";
        } else {
            
    //if forms not valid, show errors
            
    $errors $form->showMsg();
            echo 
    $errors;
        }
     }
     
    //if valid not set, show form
     
    if(!$vaild) {
        
    ?>
        <form action='<?php $_SERVER['PHP_SELF']; ?>' method='post' id='register'>
         <p>All fields must be filled out.</p>
         <label for='username'>Username</label>
         <input type='text' id='username' name='username' value='<?php $form->ifPost($_POST['username']); ?>' />
         <br />
         <label for='password'>Password</label>
         <input type='password' id='password' name='password' />
         <br />
         <label for='email'>Email</label>
         <input type='text' id='email' name='email' value='<?php $form->ifPost($_POST['email']); ?>' />
         <br />
         <label for='pass'>Image verification</label>
         <input type='text' id='pass' name='pass' maxlength='5' ?><?php echo $form->imageGen('images/icons/','gif'); ?>
         <br />
         <input type='hidden' id='hash' name='hash' value='<?php echo $hash?>' />
         <input type='submit' id='submit' name='submit' value='Register' />
        </form>
        <br />
        <a href="index.php">Homepage</a>
        <?php
     
    }
    ?>
    validatingClass.php
    PHP Code:
    <?php
     
    class formCheck {
        var 
    $err
        var 
    $msg
        var 
    $size
        var 
    $pass;
        
        function 
    formCheck($size=0) {
            
    $this->err =0;
            
    $this->msg = array();
            
    $this->size $size;
        }
        function 
    ifValid() {
            return(
    $this->err == 0)? true false;
        }
        function 
    showErr() {
            return 
    $this->err;
        }
        function 
    showMsg() {
            
    $message "";
            foreach (
    $this->msg as $value) {
                
    $message .="<li>".$value."</li>\n";
            }
            return 
    $message;
        }
        function 
    ifPost($post) {
            echo (isset(
    $post))? stripslashes($post) : "";
        }
        function 
    isEmpty($data$message$req=true) {
            if (
    $req || $data) {
                if(empty(
    $data)) {
                    
    $this->err++;
                    
    $this->msg[] = $message;
                 } else {
                    return 
    $data;
                }
            }
        }
        function 
    isNumbers($data$message) {
            if (
    $data) {
                if(
    eregi("[^0-9{1,}"$data)) {
                    
    $this->err++;
                    
    $this->msg[] = $message;
                } else {
                    return 
    $data;
                }
            }
        }
        function 
    isLetters($data$message) {
            if (
    $data) {
                if(
    eregi("[^a-zA-Z]{1,}"$data)) {
                    
    $this->err++;
                    
    $this->msg[] = $message;
                } else {
                    return 
    $data;
                }
            }
        }
        function 
    isAlnum($data$message) {
            if (
    $data) {
                if(
    eregi("[^a-zA-Z0-9]{1,}"$data)) {
                    
    $this->err++;
                    
    $this->msg[] = $message;
                } else {
                    return 
    $data;
                }
            }
        }
        function 
    isAllChars($data$message) {
            if(
    $data) {
                if(
    $data htmlspecialchars($data)) {
                    if (
    eregi("[^[:punct:]a-zA-Z0-9]{1,}"$data)) {
                        
    $this->err++;
                        
    $this->msg[] = $message;
                    } else {
                        return 
    $data;
                    }
                }
            }
        }
        function 
    checkLength($data$message$max$min) {
            if(
    $data) {
                
    $length strlen($data);
                if((
    $length $min) || ($length $max)) {
                    
    $this->err++;
                    
    $this->msg[] = $message;
                } else {
                    return 
    $data;
                }
            }
        }
        function 
    isEmail($data$message) {
            if (
    $data) {
                if (!
    preg_match("/^[0-9a-z]+(([\.\-_])[0-9a-z]+)*@[0-9a-z]+(([\.\-])[0-9a-z-]+)*\.[a-z]{2,4}$/i"strtolower($data))) {
                    
    $this->err++;
                    
    $this->msg[] = $message;
                } else {
                    return 
    $data;
                }
            }
        }
        function 
    ifPass($data$hash$message) {
            if(
    $data) {
                
    $data strtolower(stripslashes($data));
                if(
    md5($data) != $hash) {
                    
    $this->err++;
                    
    $this->msg[] = $message;
                } else {
                    return 
    $data;
                }
            }
        }
        function 
    passGen($alpha=1$numeric=1) {
            
    $letters 'abcdefghijklmnopqrstuvwxyz';
            
    $numbers ='0123456789';
            
    $password ='';
            
    $option $alpha $numeric;
            for(
    $i 0$i $this->size$i++) {
                switch(
    $option) {
                    case 
    '01'$hash $numbers[mt_rand(09)]; break;
                    case 
    '10'$hash $letters[mt_rand(026)]; break;
                    case 
    '11'$rand mt_rand(01); $hash = ($rand == $letters[mt_rand(026)] : $numbers[mt_rand(09)]); break;
                }
                
    $this->pass[$i] = $hash;
                
    $password .= $hash;
            }
            return 
    md5($password);
        }
        function 
    imageGen($path$extension$css=NULL) {
            
    $styles = ($css) ? ' class="'$css .'" ' ''
            
    $images '';
            for(
    $i 0$i $this->size$i++) {
                
    $images .= '<img src="'$path $this->pass[$i] .'.'$extension .'" alt="'$this->pass[$i] .'" '$styles .'/>';
            }
            return 
    $images;
        }
        function 
    isUnique($data$table$col$message) {
            
    $query "SELECT ".$col." FROM ".$table." WHERE ".$col." = '".$data."'";
            
    $do_query mysql_query($query);
            
    $num mysql_num_rows($do_query);
            if(
    $num 0) {
                
    $this->err++;
                
    $this->msg[] = $message;
            } else {
                return 
    $data;
            }
        }
    }
    ?>
    loginClass.php
    PHP Code:
    <?php
     
    class login {
        var 
    $err;
        var 
    $msg;
        var 
    $size;
        var 
    $pass
        
        function 
    formCheck($size=0) {
            
    $this->err =0;
            
    $this->msg = array();
            
    $this->size $size;
        }
        function 
    ifValid() {
            return(
    $this->err == 0)? true false;
        }
        function 
    showErr() {
            return 
    $this->err;
        }
        function 
    showMsg() {
            
    $message "";
            foreach (
    $this->msg as $value) {
                
    $message .="<li>".$value."</li>\n";
            }
            return 
    $message;
        }
        function 
    ifPost($post) {
            echo (isset(
    $post))? stripslashes($post) : "";
        }
        function 
    isEmpty($data$message$req=true) {
            if (
    $req || $data) {
                if(empty(
    $data)) {
                    
    $this->err++;
                    
    $this->msg[] = $message;
                 } else {
                    return 
    $data;
                }
            }
        }
        function 
    validate($username$password$message) {
            
    $sql "SELECT * FROM users WHERE username='".$username."' && password='".$password."'";
            
    $do_sql mysql_query($sql);
            
    $num mysql_num_rows($do_sql); 
            if(
    $num == 1) {
                return 
    $username;
                return 
    $password;
            } else {
                
    $this->err++;
                
    $this->msg[] = $message;
            }
         }
         function 
    userLogged() {
            echo 
    "logged in";
            echo 
    "<a href='logout.php'>logout</a>";
        }
     }
    ?>
    I realise this is alot to look at, but if anyone has any ideas where I may be going wrong that would be a great start for me.
    Thanks very much, Harro
    Harro Designs - Web design

  2. #2
    ✯✯✯ silver trophybronze trophy php_daemon's Avatar
    Join Date
    Mar 2006
    Posts
    5,284
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Well, it's not much to do with your classes. Once way to work around this is to redirect after the login attempt (successful or not) instead of subsequently outputting the page.
    Saul

  3. #3
    SitePoint Member
    Join Date
    Aug 2005
    Posts
    24
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for your reply, I have also read that using GET rather than POST is another method so I will be using a combination of GET and redirects.
    Thanks again.
    Harro
    Harro Designs - Web design


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •