SitePoint Sponsor

User Tag List

Page 12 of 12 FirstFirst ... 289101112
Results 276 to 295 of 295
  1. #276
    SitePoint Zealot
    Join Date
    May 2004
    Location
    Chicago
    Posts
    135
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Errors when running accesscontrol.php

    When placing <?php include 'accesscontrol.php'; ?> at the begiining of my file I get the below error message. Any ideas ?

    Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/joe/webname-www/gallery/index.php:2) in /home/joe/phpincludes/accesscontrol.inc on line 5

    Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/joe/webname-www/gallery/index.php:2) in /home/joe/phpincludes/accesscontrol.inc on line 5


    ***********Code from Kevin Yanks article************
    <?php // accesscontrol.php
    include_once 'common.inc';
    include_once 'db.inc';

    session_start();
    $uid = isset($_POST['uid']) ? $_POST['uid'] : $_SESSION['uid'];
    $pwd = isset($_POST['pwd']) ? $_POST['pwd'] : $_SESSION['pwd'];

    if(!isset($uid)) {
    ?>
    <!DOCTYPE html PUBLIC "-//W3C/DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <title> Please Log In for Access </title>
    <meta http-equiv="Content-Type"
    content="text/html; charset=iso-8859-1" />
    </head>
    <body>
    <h1> Login Required </h1>
    <p>You must log in to access this area of the site. If you are
    not a registered user, <a href="signup.php">click here</a>
    to sign up for instant access!</p>
    <p><form method="post" action="<?=$_SERVER['PHP_SELF']?>">
    User ID: <input type="text" name="uid" size="8" /><br />
    Password: <input type="password" name="pwd" SIZE="8" /><br />
    <input type="submit" value="Log in" />
    </form></p>
    </body>
    </html>
    <?php
    exit;
    }
    $_SESSION['uid'] = $uid;
    $_SESSION['pwd'] = $pwd;

    dbConnect("sessions");
    $sql = "SELECT * FROM user WHERE
    userid = '$uid' AND password = PASSWORD('$pwd')";
    $result = mysql_query($sql);
    if (!$result) {
    error('A database error occurred while checking your '.
    'login details.\\nIfhis error persists, please '.
    'contact admin@website.com.');
    }
    if (mysql_num_rows($result) == 0) {
    unset($_SESSION['uid']);
    unset($_SESSION['pwd']);
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <title> Access Denied </title>
    <meta http-equiv="Content-Type"
    content="text/html; charset=iso-8859-1" />
    </head>
    <body>
    <h1> Access Denied </h1>
    <p>Your user ID or password is incorrect, or you are not a
    registered user on this site. To try logging in again, click
    <a href="<?=$_SERVER['PHP_SELF']?>">here</a>. To register for instant
    access, click <a href="signup.php">here</a>.</p>
    </body>
    </html>
    <?php
    exit;
    }
    $username = mysql_result($result,0,'fullname');
    ?>

  2. #277
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by LemonHead
    Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/joe/webname-www/gallery/index.php:2) in /home/joe/phpincludes/accesscontrol.inc on line 5
    As explained in my article, a call to session_start() must come before your script sends any output to the browser. This error message indicates that a call to session_start() has been made after content has been sent to the browser.

    In this case, the message is saying that line 2 of your index.php file sent something to the browser, which is preventing the call to session_start() on line 5 of accesscontrol.inc from working.

    Check your index.php to make sure there is no code or even whitespace before the opening <?php in that file.
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  3. #278
    SitePoint Zealot
    Join Date
    May 2004
    Location
    Chicago
    Posts
    135
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Kevin Yank
    As explained in my article, a call to session_start() must come before your script sends any output to the browser. This error message indicates that a call to session_start() has been made after content has been sent to the browser.

    In this case, the message is saying that line 2 of your index.php file sent something to the browser, which is preventing the call to session_start() on line 5 of accesscontrol.inc from working.

    Check your index.php to make sure there is no code or even whitespace before the opening <?php in that file.

    Thanks Kevin. Its working now. It was due to whitespace. I did a better job of re-reviewing your book "Build your Own DB Driven Website" (2nd edition) and article and it has begun to sink in.

    I now have the accesscontrol working, but I am wondering how to place a link to the original protected page requested if the user now wants to re-try the original protected page requested. I just created a thread on this issue.

  4. #279
    SitePoint Enthusiast
    Join Date
    Nov 2004
    Location
    stockport
    Posts
    45
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Kevin,

    I'm a complete novice regarding Mysql and Php, I've recently bought your book "Build your own Database Driven Website" (3rd edition) I have been working my way through it and I'm doing ok.

    However, I have also been trying to follow your Tutorial "managing users & sessions" I have followed everything and I have managed to successfully add some new entries to the database using your code, but the email isn't working and I'm getting the "access denied" message when I try accessing protected Php pages. Any suggestions???

    my php sessions path is pointing to a temp folder in my www folder. Register_globals is set to off.

  5. #280
    SitePoint Enthusiast
    Join Date
    Dec 2004
    Location
    wisconsin
    Posts
    45
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Kevin Yank
    Lentildal,

    Your hosting company is right -- you can modify PHP's include directory setting (normally configured in php.ini) with an .htaccess file in your site's root directory.

    Just create a text file called .htaccess in the root directory of your site that contains one line like the following:
    Code:
    php_value include_path .:/path/to/includes
    where /path/to/includes is the full path to the directory outside your Web root where you want to store your PHP include files.

    Of course, with a reputable hosting company it's fairly unlikely that they'll ever break PHP support and expose your scripts to the world, but you can never be too careful.
    So does this mean that you can modify settings in the php.ini file with an .htaccess file? If so does this mean that I can set a higher max file upload size limit within the .htaccess file, and if so what would the code look like to do so?

  6. #281
    SitePoint Enthusiast
    Join Date
    Jan 2005
    Location
    France
    Posts
    59
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I would just like to bump this thread up to say thanks.

    Thanks Kevin.

    Anyone know the best way to get a logout?



    Thanks all.

  7. #282
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    User redirect after accesscontrol check at login for current users

    Hello:

    could some help with , a redirect page, I have 2000 users signed up, for an account on my site, I have added a new field to my db table, which I want the already signed-up user to populate this new manatory field once they signed to fill in this form to get there new content, after fill it out then be direct to the protected page. Then all new users would just then fill out the new field from the sign up form,

    so how would I check the db and redirect if this field is empty? then they would be direct to a form to fill out this new data.

    would it be possible to use the accesscontrol with a elseif after it checks for there password and uid?

    any help would rock

  8. #283
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    deuce777,

    The solution you describe is exactly right. Now all you need to do is code it.
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  9. #284
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Thanks Kevin

    from my accesscontrol
    <?
    header("location: http://somedomain.com/somepage.php");
    ?>
    at this part of the code:
    header
    PHP Code:
    <?php
          
    exit;
        }
        
        
    $_SESSION['uid'] = $uid;
        
    $_SESSION['pwd'] = $pwd;
        
        
    dbConnect("users_blah_ca");
        
    $sql "SELECT * FROM users WHERE
                userid = '
    $uid' AND password = ('$pwd')";
        
    $result mysql_query($sql);
        if (!
    $result) {
          
    error('A database error occurred while checking your '.
                
    'login details.\\nIf this error persists, please '.
                
    'contact you@example.com.');
        }
        
        if (
    mysql_num_rows($result) == 0) {
          unset(
    $_SESSION['uid']);
          unset(
    $_SESSION['pwd']);

    elseif 
    dbConnect("users_blah_ca");
        
    $sql "SELECT * FROM order WHERE
                newfield = '
    $newfield'
        
    $result = mysql_query($sql);
        if (!
    $result:)
    redirect 
    $header {
          error('A database error occurred while checking your '.

          ?>
    any help with is could would BE GREAT!!!!!!

    I'M REALLY NOT SURE HOW TO DO THIS SECOND CHECK
    IN THE DB TO REDIRECT TO THE NEW FORM IF NEEDED
    Last edited by deuce777; Apr 21, 2005 at 12:21.

  10. #285
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Kevin Yank
    deuce777,

    The solution you describe is exactly right. Now all you need to do is code it.
    Hi Kevin I posted my code can you have look?

    to see if I'm on the right track?

  11. #286
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Thumbs up

    Hiya Kevin I have tried many things and researched lots, I hope you can help

    to redirect a user who has alright signed up, yet I added a new field in the db i need them to fill out, I have create that form the lets them update it, but it the check result
    if 0 for the new field only then re-direct but if , they already have the info if there account to sign as normal and very the protected page

    PHP Code:

    <?php
         
    exit;  
        }
        
        
    $_SESSION['uid'] = $uid;
        
    $_SESSION['pwd'] = $pwd;
        
        
    dbConnect("users_blah_jp");
        
    $sql "SELECT * FROM blah WHERE blah_id,
                userid = '
    $uid' AND password = ('$pwd')";  
        
    $result mysql_query($sql);
        
    header('Location: http://www.blah/blahid.php'); 
        if (!
    $result) {
          
    error('A database error occurred while checking your '.
                
    'login details.\\nIf this error persists, please '.
                
    'contact you@example.com.');
        }
        
        if (
    mysql_num_rows($result) == 0) {
          unset(
    $_SESSION['uid']);
          unset(
    $_SESSION['pwd']);
              
        
    // kevin where should I check for this field
    should i do another select ??   
          
    ?>
    i have tried a few things and placing the header before and after the sql error results
    even at the bottom of the accesscontrol , please help ahhhhhhhhhhhh
    what I'm getting is just redirect without the check


    if any one can point me to a site or a link where a simlair code doing the same
    would be a great help , of if you have your own example would rock

    what i'm not sure on how to do is the new field i will not come from post , it 's onliny in the db, so how can I check if the (new row) under uid and pw is empty and return the result, then if empty to do a header redirect to form to fill in this new row or feild which i have already made the form, and if it if the table row full filled in under uid and pw then to process to the ex. protectedpage.php without being bother since all new users will have this from the point of the signup.php
    Last edited by deuce777; May 14, 2005 at 19:21.

  12. #287
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    if anyone could help this one driving me nuts

    help with accesscontrol redirect Kevin anybody have a look I need the help
    here the part of the access control I'm working on
    PHP Code:
    <?php
          
    exit;
        }
        
        
    $_SESSION['uid'] = $uid;
        
    $_SESSION['pwd'] = $pwd;
        
        
    dbConnect("blah_blah_ca"); 
        
    $sql "SELECT * FROM students WHERE   
                userid = '
    $uid' AND password = ('$pwd')";
        
    $result mysql_query($sql);
        if (!
    $result) {
        }
         
    $row mysql_fetch_object($result); 

    // i guess the result of the row i'm trying to get
    $student_id $row->student_id


    // Free recordset and close database connection 


    // If the visitors student id row is empty in db row name studentid under uidand pw
    if ($student_id == ""
    {
      
    Header("Location: http://www.blah/blah/fillnewfeildform.php"); 
    } else { 
    // Otherwise, redirect login as normal not sure if i need the redirect?
      
    Header("Location: http://www.blah/blah/protectedpage.php");
    }
    exit;
        if (
    mysql_num_rows($result) == 0) {
          unset(
    $_SESSION['uid']);
          unset(
    $_SESSION['pwd']); 
          
    ?>

    // please help ya'll my other post should break down what i'm trying to do
    // the row in the db i want to check if it empty is student_id which is under uid and user name, if the row is empty then redirect, if it full then login with out troubles
    Last edited by deuce777; May 18, 2005 at 17:30. Reason: Working on the code is haveing trouble

  13. #288
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    deuce777,

    You need to help us if you want us to help you. Posting a big chunk of code and an explanation of what you're trying to do leaves too much work for us. We have to look through your code and understand your approach from scratch -- often when that approach is flawed.

    If you want busy people to help you, you need to give us more to go on. What is the script doing? What would you like it to do different? Are there any error messages being displayed that might help?

    Forgive me for saying so, but it sounds to me like you need to take a step back and learn PHP properly. You're not even able to post in these forums without mixing up your message with your code. From what I can see you need to learn the basics of programming before tackling websites with PHP...
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  14. #289
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    understood, what is happening with the page is ethier a blank page or I'm getting a redirect even if the feild in the db has already been filled in , What i would like is only to redirect if the field is empty, I understand your busy , hey I'm learning even if its from the basic thats what the forums are for correct, If I add to the ** Select the new row with uid and password like in your code, then i get the 1 st error message**, all i can do is keep trying , yet any help would be great

  15. #290
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Problems I see with your code at a glance:
    • You're not checking if a record was found matching the username/password before checking the new student_id field. What if an incorrect username/password was entered?
    • The code following the second exit; in your script has been rendered useless, since the script will always exit at this point.

    I can't help you with any deeper problems because I don't understand how your code is supposed to work.
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  16. #291
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    great, ok so that makes since, so I need to do a second check, for the new row on it's own, as well remove the second exit,

    no how do i check for an empty row , which would be like the 15 row under uid for the user, then do i need to echo the result in order to then direct user if it's empty..

    how i would like it to work is take a users that signs up, when they login, check there uid and password, then before they can view the protected page check for the new row to see if it empty, if it empty, redirect to a page to fill in this last needed field, if the row has been fill at the signup page which all new users will do automatically, then just let them view the page

  17. #292
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by deuce777
    great, ok so that makes since, so I need to do a second check, for the new row on it's own, as well remove the second exit,
    I don't understand what you mean by "the new row". You mean the new column, right?
    no how do i check for an empty row , which would be like the 15 row under uid for the user, then do i need to echo the result in order to then direct user if it's empty..
    I don't understand what you're saying.
    how i would like it to work is take a users that signs up, when they login, check there uid and password, then before they can view the protected page check for the new row to see if it empty,
    The new column, right?
    if it empty, redirect to a page to fill in this last needed field, if the row has been fill at the signup page which all new users will do automatically, then just let them view the page
    The easiest way to check for an empty (NULL) column is to add another column to your result set that does the check for you:
    Code:
    SELECT *, student_id IS NULL AS student_id_null FROM students WHERE ...
    You can then check if the value of the student_id_null field in your result set is 'TRUE' and if so perform the redirect.
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  18. #293
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yes your right the new new column

    if null then redirect for the easiest way to pull this off

    so from the select if it comes back NUll (TRUE) redirect

    so if i'm not sure where the check is you

    and if it is false just login

  19. #294
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by deuce777
    yes your right the new new column
    I'll assume that's a stutter.
    if null then redirect for the easiest way to pull this off
    I don't understand what you've written.
    so from the select if it comes back NUll (TRUE) redirect
    I don't understand what you've written.
    so if i'm not sure where the check is you
    I don't understand what you've written.
    and if it is false just login
    If what is false? I don't understand what you've written.
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  20. #295
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I think what i was trying to say if i select the column under student_id under uid, if it returns NULL emtpy (true) then redirect, if comes back populated column then just allow the user to go direct to the protected page,( false) i guess was if the column student_id was not empty
    Last edited by deuce777; May 21, 2005 at 16:35.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •