SitePoint Sponsor |
|
User Tag List
Results 276 to 295 of 295
-
Nov 27, 2004, 00:27 #276
- Join Date
- May 2004
- Location
- Chicago
- Posts
- 135
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Errors when running accesscontrol.php
When placing <?php include 'accesscontrol.php'; ?> at the begiining of my file I get the below error message. Any ideas ?
Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/joe/webname-www/gallery/index.php:2) in /home/joe/phpincludes/accesscontrol.inc on line 5
Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/joe/webname-www/gallery/index.php:2) in /home/joe/phpincludes/accesscontrol.inc on line 5
***********Code from Kevin Yanks article************
<?php // accesscontrol.php
include_once 'common.inc';
include_once 'db.inc';
session_start();
$uid = isset($_POST['uid']) ? $_POST['uid'] : $_SESSION['uid'];
$pwd = isset($_POST['pwd']) ? $_POST['pwd'] : $_SESSION['pwd'];
if(!isset($uid)) {
?>
<!DOCTYPE html PUBLIC "-//W3C/DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title> Please Log In for Access </title>
<meta http-equiv="Content-Type"
content="text/html; charset=iso-8859-1" />
</head>
<body>
<h1> Login Required </h1>
<p>You must log in to access this area of the site. If you are
not a registered user, <a href="signup.php">click here</a>
to sign up for instant access!</p>
<p><form method="post" action="<?=$_SERVER['PHP_SELF']?>">
User ID: <input type="text" name="uid" size="8" /><br />
Password: <input type="password" name="pwd" SIZE="8" /><br />
<input type="submit" value="Log in" />
</form></p>
</body>
</html>
<?php
exit;
}
$_SESSION['uid'] = $uid;
$_SESSION['pwd'] = $pwd;
dbConnect("sessions");
$sql = "SELECT * FROM user WHERE
userid = '$uid' AND password = PASSWORD('$pwd')";
$result = mysql_query($sql);
if (!$result) {
error('A database error occurred while checking your '.
'login details.\\nIfhis error persists, please '.
'contact admin@website.com.');
}
if (mysql_num_rows($result) == 0) {
unset($_SESSION['uid']);
unset($_SESSION['pwd']);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title> Access Denied </title>
<meta http-equiv="Content-Type"
content="text/html; charset=iso-8859-1" />
</head>
<body>
<h1> Access Denied </h1>
<p>Your user ID or password is incorrect, or you are not a
registered user on this site. To try logging in again, click
<a href="<?=$_SERVER['PHP_SELF']?>">here</a>. To register for instant
access, click <a href="signup.php">here</a>.</p>
</body>
</html>
<?php
exit;
}
$username = mysql_result($result,0,'fullname');
?>
-
Nov 28, 2004, 18:04 #277
- Join Date
- Apr 2000
- Location
- Melbourne, Australia
- Posts
- 2,571
- Mentioned
- 2 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by LemonHead
In this case, the message is saying that line 2 of your index.php file sent something to the browser, which is preventing the call to session_start() on line 5 of accesscontrol.inc from working.
Check your index.php to make sure there is no code or even whitespace before the opening <?php in that file.Kevin Yank
CTO, sitepoint.com
I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
Baby’s got back—a hard back, that is: The Ultimate CSS Reference
-
Nov 28, 2004, 18:12 #278
- Join Date
- May 2004
- Location
- Chicago
- Posts
- 135
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by Kevin Yank
Thanks Kevin. Its working now. It was due to whitespace. I did a better job of re-reviewing your book "Build your Own DB Driven Website" (2nd edition) and article and it has begun to sink in.
I now have the accesscontrol working, but I am wondering how to place a link to the original protected page requested if the user now wants to re-try the original protected page requested. I just created a thread on this issue.
-
Dec 29, 2004, 13:48 #279
- Join Date
- Nov 2004
- Location
- stockport
- Posts
- 45
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Kevin,
I'm a complete novice regarding Mysql and Php, I've recently bought your book "Build your own Database Driven Website" (3rd edition) I have been working my way through it and I'm doing ok.
However, I have also been trying to follow your Tutorial "managing users & sessions" I have followed everything and I have managed to successfully add some new entries to the database using your code, but the email isn't working and I'm getting the "access denied" message when I try accessing protected Php pages. Any suggestions???
my php sessions path is pointing to a temp folder in my www folder. Register_globals is set to off.
-
Dec 29, 2004, 15:31 #280
- Join Date
- Dec 2004
- Location
- wisconsin
- Posts
- 45
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by Kevin Yank
-
Mar 4, 2005, 10:09 #281
- Join Date
- Jan 2005
- Location
- France
- Posts
- 59
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I would just like to bump this thread up to say thanks.
Thanks Kevin.
Anyone know the best way to get a logout?
Thanks all.
-
Apr 19, 2005, 13:39 #282
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 108
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
User redirect after accesscontrol check at login for current users
Hello:
could some help with , a redirect page, I have 2000 users signed up, for an account on my site, I have added a new field to my db table, which I want the already signed-up user to populate this new manatory field once they signed to fill in this form to get there new content, after fill it out then be direct to the protected page. Then all new users would just then fill out the new field from the sign up form,
so how would I check the db and redirect if this field is empty? then they would be direct to a form to fill out this new data.
would it be possible to use the accesscontrol with a elseif after it checks for there password and uid?
any help would rock
-
Apr 19, 2005, 17:42 #283
- Join Date
- Apr 2000
- Location
- Melbourne, Australia
- Posts
- 2,571
- Mentioned
- 2 Post(s)
- Tagged
- 0 Thread(s)
deuce777,
The solution you describe is exactly right. Now all you need to do is code it.Kevin Yank
CTO, sitepoint.com
I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
Baby’s got back—a hard back, that is: The Ultimate CSS Reference
-
Apr 21, 2005, 09:39 #284
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 108
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Thanks Kevin
from my accesscontrol
<?
header("location: http://somedomain.com/somepage.php");
?>
at this part of the code:
header
PHP Code:<?php
exit;
}
$_SESSION['uid'] = $uid;
$_SESSION['pwd'] = $pwd;
dbConnect("users_blah_ca");
$sql = "SELECT * FROM users WHERE
userid = '$uid' AND password = ('$pwd')";
$result = mysql_query($sql);
if (!$result) {
error('A database error occurred while checking your '.
'login details.\\nIf this error persists, please '.
'contact you@example.com.');
}
if (mysql_num_rows($result) == 0) {
unset($_SESSION['uid']);
unset($_SESSION['pwd']);
elseif
dbConnect("users_blah_ca");
$sql = "SELECT * FROM order WHERE
newfield = '$newfield'
$result = mysql_query($sql);
if (!$result:)
redirect $header {
error('A database error occurred while checking your '.
?>
I'M REALLY NOT SURE HOW TO DO THIS SECOND CHECK
IN THE DB TO REDIRECT TO THE NEW FORM IF NEEDEDLast edited by deuce777; Apr 21, 2005 at 12:21.
-
Apr 27, 2005, 07:27 #285
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 108
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by Kevin Yank
to see if I'm on the right track?
-
May 9, 2005, 18:21 #286
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 108
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Hiya Kevin I have tried many things and researched lots, I hope you can help
to redirect a user who has alright signed up, yet I added a new field in the db i need them to fill out, I have create that form the lets them update it, but it the check result
if 0 for the new field only then re-direct but if , they already have the info if there account to sign as normal and very the protected page
PHP Code:
<?php
exit;
}
$_SESSION['uid'] = $uid;
$_SESSION['pwd'] = $pwd;
dbConnect("users_blah_jp");
$sql = "SELECT * FROM blah WHERE blah_id,
userid = '$uid' AND password = ('$pwd')";
$result = mysql_query($sql);
header('Location: http://www.blah/blahid.php');
if (!$result) {
error('A database error occurred while checking your '.
'login details.\\nIf this error persists, please '.
'contact you@example.com.');
}
if (mysql_num_rows($result) == 0) {
unset($_SESSION['uid']);
unset($_SESSION['pwd']);
// kevin where should I check for this field
should i do another select ??
?>
even at the bottom of the accesscontrol , please help ahhhhhhhhhhhh
what I'm getting is just redirect without the check
if any one can point me to a site or a link where a simlair code doing the same
would be a great help , of if you have your own example would rock
what i'm not sure on how to do is the new field i will not come from post , it 's onliny in the db, so how can I check if the (new row) under uid and pw is empty and return the result, then if empty to do a header redirect to form to fill in this new row or feild which i have already made the form, and if it if the table row full filled in under uid and pw then to process to the ex. protectedpage.php without being bother since all new users will have this from the point of the signup.phpLast edited by deuce777; May 14, 2005 at 19:21.
-
May 18, 2005, 17:26 #287
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 108
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
if anyone could help this one driving me nuts
help with accesscontrol redirect Kevin anybody have a look I need the help
here the part of the access control I'm working on
PHP Code:<?php
exit;
}
$_SESSION['uid'] = $uid;
$_SESSION['pwd'] = $pwd;
dbConnect("blah_blah_ca");
$sql = "SELECT * FROM students WHERE
userid = '$uid' AND password = ('$pwd')";
$result = mysql_query($sql);
if (!$result) {
}
$row = mysql_fetch_object($result);
// i guess the result of the row i'm trying to get
$student_id = $row->student_id;
// Free recordset and close database connection
// If the visitors student id row is empty in db row name studentid under uidand pw
if ($student_id == "")
{
Header("Location: http://www.blah/blah/fillnewfeildform.php");
} else {
// Otherwise, redirect login as normal not sure if i need the redirect?
Header("Location: http://www.blah/blah/protectedpage.php");
}
exit;
if (mysql_num_rows($result) == 0) {
unset($_SESSION['uid']);
unset($_SESSION['pwd']);
?>
// please help ya'll my other post should break down what i'm trying to do
// the row in the db i want to check if it empty is student_id which is under uid and user name, if the row is empty then redirect, if it full then login with out troublesLast edited by deuce777; May 18, 2005 at 17:30. Reason: Working on the code is haveing trouble
-
May 18, 2005, 18:03 #288
- Join Date
- Apr 2000
- Location
- Melbourne, Australia
- Posts
- 2,571
- Mentioned
- 2 Post(s)
- Tagged
- 0 Thread(s)
deuce777,
You need to help us if you want us to help you. Posting a big chunk of code and an explanation of what you're trying to do leaves too much work for us. We have to look through your code and understand your approach from scratch -- often when that approach is flawed.
If you want busy people to help you, you need to give us more to go on. What is the script doing? What would you like it to do different? Are there any error messages being displayed that might help?
Forgive me for saying so, but it sounds to me like you need to take a step back and learn PHP properly. You're not even able to post in these forums without mixing up your message with your code. From what I can see you need to learn the basics of programming before tackling websites with PHP...Kevin Yank
CTO, sitepoint.com
I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
Baby’s got back—a hard back, that is: The Ultimate CSS Reference
-
May 18, 2005, 19:29 #289
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 108
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
understood, what is happening with the page is ethier a blank page or I'm getting a redirect even if the feild in the db has already been filled in , What i would like is only to redirect if the field is empty, I understand your busy , hey I'm learning even if its from the basic thats what the forums are for correct, If I add to the ** Select the new row with uid and password like in your code, then i get the 1 st error message**, all i can do is keep trying , yet any help would be great
-
May 18, 2005, 19:46 #290
- Join Date
- Apr 2000
- Location
- Melbourne, Australia
- Posts
- 2,571
- Mentioned
- 2 Post(s)
- Tagged
- 0 Thread(s)
Problems I see with your code at a glance:
- You're not checking if a record was found matching the username/password before checking the new student_id field. What if an incorrect username/password was entered?
- The code following the second exit; in your script has been rendered useless, since the script will always exit at this point.
I can't help you with any deeper problems because I don't understand how your code is supposed to work.Kevin Yank
CTO, sitepoint.com
I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
Baby’s got back—a hard back, that is: The Ultimate CSS Reference
-
May 18, 2005, 20:07 #291
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 108
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
great, ok so that makes since, so I need to do a second check, for the new row on it's own, as well remove the second exit,
no how do i check for an empty row , which would be like the 15 row under uid for the user, then do i need to echo the result in order to then direct user if it's empty..
how i would like it to work is take a users that signs up, when they login, check there uid and password, then before they can view the protected page check for the new row to see if it empty, if it empty, redirect to a page to fill in this last needed field, if the row has been fill at the signup page which all new users will do automatically, then just let them view the page
-
May 18, 2005, 20:32 #292
- Join Date
- Apr 2000
- Location
- Melbourne, Australia
- Posts
- 2,571
- Mentioned
- 2 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by deuce777
no how do i check for an empty row , which would be like the 15 row under uid for the user, then do i need to echo the result in order to then direct user if it's empty..
how i would like it to work is take a users that signs up, when they login, check there uid and password, then before they can view the protected page check for the new row to see if it empty,if it empty, redirect to a page to fill in this last needed field, if the row has been fill at the signup page which all new users will do automatically, then just let them view the pageCode:SELECT *, student_id IS NULL AS student_id_null FROM students WHERE ...
Kevin Yank
CTO, sitepoint.com
I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
Baby’s got back—a hard back, that is: The Ultimate CSS Reference
-
May 18, 2005, 21:25 #293
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 108
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
yes your right the new new column
if null then redirect for the easiest way to pull this off
so from the select if it comes back NUll (TRUE) redirect
so if i'm not sure where the check is you
and if it is false just login
-
May 18, 2005, 23:16 #294
- Join Date
- Apr 2000
- Location
- Melbourne, Australia
- Posts
- 2,571
- Mentioned
- 2 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by deuce777
if null then redirect for the easiest way to pull this off
so from the select if it comes back NUll (TRUE) redirect
so if i'm not sure where the check is you
and if it is false just loginKevin Yank
CTO, sitepoint.com
I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
Baby’s got back—a hard back, that is: The Ultimate CSS Reference
-
May 19, 2005, 08:43 #295
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 108
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I think what i was trying to say if i select the column under student_id under uid, if it returns NULL emtpy (true) then redirect, if comes back populated column then just allow the user to go direct to the protected page,( false) i guess was if the column student_id was not empty
Last edited by deuce777; May 21, 2005 at 16:35.
Bookmarks