SitePoint Sponsor

User Tag List

Page 9 of 12 FirstFirst ... 56789101112 LastLast
Results 201 to 225 of 295
  1. #201
    Non-Member
    Join Date
    Nov 2003
    Location
    here
    Posts
    258
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi guys, thanks Kevin your article was excellent and I expected no less being an avid fan of your book which I have brought and suggested to countless others.

    I wanted to take it one step further however, and there has been lengthly discussion about this topic in another thread on the forum.

    Basically, I wanted to acheive a system, where users could click a box and it would 'remember' their details. However, on your system, the sessions are obviously lost each time the user closes his/her/its browser and consequently must log in each time they fire up t'internet.

    Is there some way, and I was looking at PhpBB for an example of something that did this, but couldn't work out exactly what their methods were, store the sessions in a database somehow and subsequently keep that session in tact for as long as you want, without ever needing to place a cookies on the users PC? It would be fantastic if you could talk about that or just offer some pointers on how we might go about doing such a thing or possibly a tutorial thats lurking out there in cyberspace somewhere.

    Thanks again for all your work and looking forward to your next published articles/books.

  2. #202
    Anonymous
    SitePoint Community Guest
    very nice article.

  3. #203
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Uploads for user to veiw

    Hi Help with this?
    What I am trying to do is extent kevin script, I already have a upload the user can use to send me files, what i want to do is be able to place pdf? for example in there table so when the log in and go to the profile page on the site, the can veiw there file i place only for that user? Can this be done does any one have any ideas? would be a big help

    1: how can i upload the pdf"s to the table?

    2: how can i make so they can only view there files? and so others can't veiw there file's

    3. can this be done with kevin's accesscontrol?

    4. would it be better to place the file on my server and not in the database, yet this only give the permission to the right person, I only want them to view the file that it.

    if any one can help start me of on this would be a biggy thanks

  4. #204
    SitePoint Enthusiast
    Join Date
    Sep 2003
    Location
    maine
    Posts
    60
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    blank screen

    Hi Kevin,
    Great article. I've read it a few times now, and read through all 9 pages of this thread, and I still can't quite figure out what I've got wrong.
    When I signup a new user, my dbase is updated, the email works, etc.
    But then when I go to protectedpage.php, and log in, it takes me to a blank screen. Once it said "site database is unavailable" but the other times its just a blank screen.
    If I enter false login info, I still get the Access Denied page. I've pasted my accesscontrol.php below. Any ideas?
    Thanks.

    Code:
    <?php // accesscontrol.php
    include_once 'common.php';
    include_once 'db.php';
    
    session_start();
    
    $uid = isset($_POST['uid']) ? $_POST['uid'] : $_SESSION['uid'];
    $pwd = isset($_POST['pwd']) ? $_POST['pwd'] : $_SESSION['pwd'];
    
    if(!isset($uid)) {
      ?>
      <!DOCTYPE html PUBLIC "-//W3C/DTD XHTML 1.0 Transitional//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
      <html xmlns="http://www.w3.org/1999/xhtml">
      <head>
        <title> Please Log In for Access </title>
        <meta http-equiv="Content-Type"
          content="text/html; charset=iso-8859-1" />
      </head>
      <body>
      <h1> Login Required </h1>
      <p>You must log in to access this area of the site. If you are
         not a registered user, <a href="signup.php">click here</a>
         to sign up for instant access!</p>
      <p><form method="post" action="<?=$_SERVER['PHP_SELF']?>">
        User ID: <input type="text" name="uid" size="8" /><br />
        Password: <input type="password" name="pwd" SIZE="8" /><br />
        <input type="submit" value="Log in" />
      </form></p>
      </body>
      </html>
      <?php
      exit;
    }
    
    $_SESSION['uid'] = $uid;
    $_SESSION['pwd'] = $pwd;
    
    dbConnect("dbase");
    $sql = "SELECT * FROM user WHERE
            userid = '$uid' AND password = PASSWORD('$pwd')";
    $result = mysql_query($sql);
    if (!$result) {
      error('A database error occurred while checking your '.
            'login details.\\nIf this error persists, please '.
            'contact you@example.com.');
    }
    
    if (mysql_num_rows($result) == 0) {
      unset($_SESSION['uid']);
      unset($_SESSION['pwd']);
      ?>
      <!DOCTYPE html PUBLIC "-//W3C/DTD XHTML 1.0 Transitional//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
      <html xmlns="http://www.w3.org/1999/xhtml">
      <head>
        <title> Access Denied </title>
        <meta http-equiv="Content-Type"
          content="text/html; charset=iso-8859-1" />
      </head>
      <body>
      <h1> Access Denied </h1>
      <p>Your user ID or password is incorrect, or you are not a
         registered user on this site. To try logging in again, click
         <a href="<?=$_SERVER['PHP_SELF']?>">here</a>. To register for instant
         access, click <a href="signup.php">here</a>.</p>
      </body>
      </html>
      <?php
      exit;
    }
    
    $username = mysql_result($result,0,'fullname');
    ?>

  5. #205
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    imagine8,

    A blank page often means PHP ran into a fatal error, but is configured to suppress error messages.

    You might need to turn up PHP's error reporting level on your server (or just on the directory containing these files) so you can see the error that is apparently causing PHP grief.

    You can either set your error_reporting value in php.ini to E_ALL or do it for just the one directory with a .htaccess file containing:

    php_value error_reporting E_ALL

    Good luck!
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  6. #206
    SitePoint Enthusiast
    Join Date
    Sep 2003
    Location
    maine
    Posts
    60
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question

    Quote Originally Posted by Kevin Yank
    imagine8,

    A blank page often means PHP ran into a fatal error, but is configured to suppress error messages.

    You might need to turn up PHP's error reporting level on your server (or just on the directory containing these files) so you can see the error that is apparently causing PHP grief.

    You can either set your error_reporting value in php.ini to E_ALL or do it for just the one directory with a .htaccess file containing:

    php_value error_reporting E_ALL
    Hi Kevin,
    Thanks for the quick response. I've tried a number of things and I'm still not able to make it work.
    First I tried writing an .htaccess file with ONLY "php_value error_reporting E_ALL" in it. Is that complete?
    That didn't change anything for either my computer or my site's server.
    I also looked at my etc/php.ini file currently lists "error_reporting = E_ALL"
    There's also a php.ini file under /usr/local/php/lib/php.ini that will not let me edit it even though I changed the rw access to supposedly allow it...
    To make things interesting, I realized that the title of the blank-screened protectedpage.php is in fact "Members Only Page." So I looked at the source, and it looked like the content was there:
    Code:
    <!DOCTYPE html PUBLIC "-//W3C/DTD XHTML 1.0 Transitional//EN"
      "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
      <title> Members-Only Page </title>
      <meta http-equiv="Content-Type"
        content="text/html; charset=iso-8859-1
    </head>
    <body>
    <p><font color="red">Welcome</font>, booger! You have entered a members-only area
       of the site. Don't you feel special?</p>
    </body>
    </html>
    I later added the <font color> attribute thinking that might show something.
    Also, while I have your attention, I'm also trying to figure out why the mail() function doesn't work and would appreciate your input on that. See thread
    http://www.sitepointforums.com/showthread.php?p=1040860
    Again, thanks for your help.

  7. #207
    SitePoint Enthusiast
    Join Date
    Sep 2003
    Location
    maine
    Posts
    60
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Arrow

    UPDATE

    I found out that, according to phpinfo.php, the config php.ini file apache was indeed pointing to the /usr/local/php/lib/php.ini.
    I was able to access and change that SMTP from 'localhost' to mail.'myserver'.com where 'myserver' is the name of my site...
    Still didn't send me email and gave the same warning upon submitting via signup.php:
    Code:
    postdrop: warning: unable to look up public/pickup: No such file or directory
    Is this something I should ask my site server people about? Can't I sendmail from my own puter (I've got Apache and PHP running...)

    Also, when I checked the error_log after opening protectedpage.php, this is what I got:
    Code:
    [error] PHP Notice:  Undefined index:  uid in /Users/juanjuan/Sites/testID/accesscontrol.php on line 7
    [error] PHP Notice:  Undefined index:  pwd in /Users/juanjuan/Sites/testID/accesscontrol.php on line 8
    and this is line 7 & 8 of accesscontrol.php:

    Code:
    $uid = isset($_POST['uid']) ? $_POST['uid'] : $_SESSION['uid'];
    $pwd = isset($_POST['pwd']) ? $_POST['pwd'] : $_SESSION['pwd'];
    Solutions? Ideas what's going wrong?

  8. #208
    SitePoint Enthusiast
    Join Date
    Sep 2003
    Location
    maine
    Posts
    60
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Exclamation D'oh!

    Geeze, I hate it when its some simple thing. But it is now working! The reason the text wasn't showing up on the protected pages was because there was no text color defined in the body attribute (I know, I know, this will be done with CSS)...
    So I added <body color="#000000"> to protectedpage.php and the text shows up. This leads me to a question though: why didn't the red fonted "welcome" show up until after I designated the body color as black?

    Also, if anyone can solve my mail() problem, I'll be much obliged. From my puter's server, I'm still unable to sendmail, still getting the same error:

    postdrop: warning: unable to look up public/pickup: No such file or directory

    Hope these contributions help someone out...

  9. #209
    Anonymous
    SitePoint Community Guest
    Do I have to add any other files? I still didn't received my password and userid on my email adress. Does it works?

  10. #210
    SitePoint Member
    Join Date
    Jan 2004
    Location
    Suffolk UK
    Posts
    7
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    php.ini session configuration

    I don't understand why in php.ini session.cookie_lifetime defaults to 0 (i.e. session cookies persist at the client until the browser is closed) while session.gc_maxlifetime seems to have a default of 1440 (i.e. the server held session is deleted after 1440 seconds). Wouldn't it make more sense if they were the same or have I misunderstood this?
    Thanks, Anna

  11. #211
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    This is done for security reasons. With a cookie set to expire at the end of the browser session, a user can safely close their browser and walk away.

    If the cookie was given a specific expiry time, then if someone else walked up to the computer and opened the browser, they could connect to the site and continue the previous user's session!
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  12. #212
    SitePoint Member
    Join Date
    Jan 2004
    Location
    Suffolk UK
    Posts
    7
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Kevin Yank
    If the cookie was given a specific expiry time, then if someone else walked up to the computer and opened the browser, they could connect to the site and continue the previous user's session!
    So if I set session.cookie_lifetime also to 1440 then the session won't expire until the time is up, even if the browser is closed? Aagh!

  13. #213
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    session.gc_maxlifetime determines how long the session lasts with no activity from the user. session.cookie_lifetime determines how long the browser keeps track of the session ID with no updates from the server.

    If the server ends the session (due to session.gc_maxlifetime) and the browser still has the session ID, the server will treat the session ID as invalid, start a new session, and send the browser a new ID.

    If the browser loses the session ID (due to session.cookie_lifetime, or due to closing the browser with session.cookie_lifetime set to 0) and the session still exists on the server, the browser will be assigned a new session ID, and the old session will eventually time out due to session.gc_maxlifetime.

    So either of these time limits can cause the session to end, but for security reasons you should really set the cookie to expire as soon as the browser is closed, and allow the session inactivity timeout to be handled by the server.
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  14. #214
    SitePoint Member
    Join Date
    Jan 2004
    Location
    Suffolk UK
    Posts
    7
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Understood. Thank you.

    (We have a customer who often leaves the browser inactive and open long after the server session timeout, then tries to use our app again, and my paranoid additions to the code email me to say that someone's trying to use an invalid session id. I guess I'll have to relax the security just a little! )

  15. #215
    Anonymous
    SitePoint Community Guest
    too much talks but too less info.
    no need to show off that you're a big man......you article does not speak that....i read plenty of other similar articles which are smaller and contain good info and the language also not boring

  16. #216
    SitePoint Member
    Join Date
    Feb 2004
    Location
    newcastle, uk
    Posts
    23
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Im running into problems and i think its because my database is on a different server to my website... i have changed "localhost" to the ip of the server, but I get a "The site database is unavailable." error... is there anything I can do to sort this out?

    cheers
    gm

  17. #217
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    display folder content to logged in user

    Is it possible with Kevin's Managing Users with PHP Sessions and MySQL
    display to the current logged-in user , file(s) that I the admin has upload for them, and them only to view such as .pdf, either from a folder , or from a table, so when the are login it with will show them links of the content to veiw the contents?Can it be done so when the sign up at first that it create a dir for them, or have them request that i make with-in 24 for them ?

  18. #218
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Yes, it is possible.
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  19. #219
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    good so it is possisble

    do it use fopen for this?

    how would i be able to create the dir automatic?

    so there dir would be name the username/

    and so a like to file would display in example the protected.page?

    so I can allow the sign user to veiw a proof of artwork?


    would set the path echo the $username the create there folder some how?

    can i add a line in the sign-up.php for that will create the newusers dir?

    so when the get to the index.php or protected.php that a link to the dir will display even if the dir be empty at first

  20. #220
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    how to make user directory on sign up?

    to make a directory when the user signs up

    where and how would place tha in the signup.php

    mkdir ?

    example:so i could name the directory after there user name
    and that would be the path? /public/user/$username/

    $uid;
    mkdir("/home/username/public/files/$uid", 0600);

    where would i place that on the signup.php ?



    then how would I list the contents of the directory
    for them?

    any tips on how to do this would be a big help
    Deuce777
    Last edited by deuce777; Mar 20, 2004 at 17:29.

  21. #221
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    If it were me, I'd store the files in the database instead of in separate user directories. Less file management headaches.
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  22. #222
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    what would be a good way?

    Quote Originally Posted by Kevin Yank
    If it were me, I'd store the files in the database instead of in separate user directories. Less file management headaches.
    ook from the database what would be a good way, i need to place .pdf's and text files?

    rather the a home directory?

  23. #223
    SitePoint Wizard
    Join Date
    May 2003
    Location
    Berlin, Germany
    Posts
    1,829
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Please wrap the code around [ php ] tags, it will make it al otm ore readable to us.

  24. #224
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Display files to user for private downloads

    Quote Originally Posted by deuce777
    ook from the database what would be a good way, i need to place .pdf's and text files?

    rather the a home directory?

    here's what I 'm trying so the Can download there files
    PHP Code:
    <?
     $dl 
    "http://www./public/login3/customer/$email/files";
     
    $proof "http://www./public/login3/customer/$email/upload/index.php";
     
    $list "<table width=500 border=1 bordercolor=#000000 style=\"border-collapse: collapse\">";
     
    $list .= "<tr><td width=500><center><b>Click To Download</b></center></td></tr>";
     
    $current_dir = /public/login3/customer/$email/files";
     
    $dir = opendir($current_dir);
     while (
    $file = readdir($dir)) {
    $proof .= "<tr><td width=500><a href='$dl'>$file</a></center></td></tr>"; 
    $list .= "<tr><td width=500><a href='$dl'>$file</a></center></td></tr>";
    }
    $list .= "</table>";
    echo 
    $list;        
     
    echo
    ?>
    I would like to make it so the path is invisable, to the user and to work with Kevin's accesscontrol.php where i can display the files to the user
    with a prtected page , and when the click the link it forces the download these will be mainly pdf's is it ok if it opens in the browser.
    Last edited by deuce777; Mar 22, 2004 at 18:47.

  25. #225
    SitePoint Zealot
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    108
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    how to get access-ntrol to work over directories?

    How can I get the accesscontrol to work over mainly directories?

    if I have the main accesscontrol in my public/login/

    and i have sub directories in public/login/sub/users/

    and in each sub folder want to place a index.php

    with Kevin accesscontrol at the top:

    PHP Code:
    <?php echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?".">"?><?php include 'accesscontrol.php'?>
    how can I call the main accesscontrol from public/login ?

    would this protect other from veiw the directory if done rightand allow the user with the right sessions to enter?


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •