SitePoint Sponsor

User Tag List

Results 1 to 24 of 24
  1. #1
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    session and id does not continue HELP!!

    Help...I almost had this but I included the password field in my form now it is not working. What was happening before I had all the tested members added to the Welcome page at once. When I put in the password field it is not welcoming anyone so sessions is not operating.

    PHP Code:
    // Get the user session id variable into a local php variable for easier use in scripting
    $id $_SESSION['id'];

    // Now let's initialize vars to be printed to page in the HTML section so our script does not return errors 
    // they must be initialized in some server environments

    $firstname '';
    $lastname '';
    $country '';
    $email '';

    //Formulate Query
    //This is the best way to perform an SQL query
    $query "SELECT id, firstname FROM `Members` WHERE id='$id'";
    $result mysql_query($query);

    //Check result
    //This shows the actual query sent to MySQL and the error. Useful for debugging.

    if(!$result){
        
    $message 'Invalid query:' mysql_error() . "\n";
        
    $message .= 'Whole query:' $query;
        die(
    $message);
    }
    //Use result
    //Attempting to print $result won't allow access to information in the resource
    //One of the mysql result functions must be used
    //See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.
    while($row=mysql_fetch_assoc($result)){
        echo 
    "Welcome, {$row[firstname]}";
    }
    //Free the resources associated with the result set
    mysql_free_result($result); 
    At one point it when it was including everyone all at once it was able to view the private pages but the new update password takes me back to square one. It was showing a error message with SQL " after the WHERE clause where I had the id={$_SESSION['id']} so I just tested to see how the codes id='$id' would work and it does not have the echo Welcome, firstname.

    these codes are very tricky.

  2. #2
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,747
    Mentioned
    65 Post(s)
    Tagged
    0 Thread(s)
    I dont see any password in there?

    or a session_start, or.... any sort of form whatsoever....

    If we're going to help you we're going to need to see the relevant code.

  3. #3
    SitePoint Evangelist smftre's Avatar
    Join Date
    Dec 2008
    Location
    London
    Posts
    434
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I also don't see any password in there, also on a side note, are you starting your session?

    remember at the top of your code: session_start();
    Statvoo.com The Website Traffic Monitor
    The best way to monitor traffic to your sites for free!


    Web Development London UK We make web 3.0 applications

  4. #4
    SitePoint Wizard bronze trophy chris.upjohn's Avatar
    Join Date
    Apr 2010
    Location
    Melbourne, AU
    Posts
    2,183
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    I'm more confused as to why you need 2 posts http://www.sitepoint.com/forums/php-...ng-756767.html
    Blog/Portfolio | Evolution Xtreme | DFG Design | DFG Hosting | CSS-Tricks | Stack Overflow | Paul Irish
    Having lame problems with your code? Let us help by using a jsFiddle

  5. #5
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I was focusing on my coding and got side tracked nothing intentional

  6. #6
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHP Code:

    <?php
    session_start
    ();
    ?>
    <?php
    ini_set 
    ("display_errors""1");
    error_reporting(E_ALL);
    ?>        
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Welcome</title>
    </head>

    <body>
    <?php
    /* Program: login.php
     * Desc:    Displays the new member welcome page. Greets
     *            member by name and gives a choice to enter
     *            restricted section or go back to main page.
     */ 
    include('Connections/connect_to_mysql.php'); 

    // Get the user session id variable into a local php variable for easier use in scripting
    $id $_SESSION['id'];

    // Now let's initialize vars to be printed to page in the HTML section so our script does not return errors 
    // they must be initialized in some server environments

    $firstname '';
    $lastname '';
    $country '';
    $email '';

    //Formulate Query
    //This is the best way to perform an SQL query
    $query "SELECT id, firstname FROM `Members` WHERE id='$id'";
    $result mysql_query($query);

    //Check result
    //This shows the actual query sent to MySQL and the error. Useful for debugging.

    if(!$result){
        
    $message 'Invalid query:' mysql_error() . "\n";
        
    $message .= 'Whole query:' $query;
        die(
    $message);
    }
    //Use result
    //Attempting to print $result won't allow access to information in the resource
    //One of the mysql result functions must be used
    //See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.
    while($row=mysql_fetch_assoc($result)){
        echo 
    "Welcome, {$row[firstname]}";
    }
    //Free the resources associated with the result set
    mysql_free_result($result);

    ?>
    <p>Your new Member accounts lets you enter the members only section
    of our web site. You'll find special discounts, a profile of matches,
    live advise from experts, and much more.</p>
    <p>Your new Member ID and password were emailed to you. Store them
    carefully for future use.</p>
    <div style="text-align: center">
    <p style="margin-top: .5in; font-weight: bold">
    Glad you could join us!</p>
    <form action="profile.php" method="post">
        <input type="submit"
            value="Enter the Members Only Section">
            </form>
    <form action="index.php" method="post">
        <input type="submit" value="Go to Main Page">
        </form>        
            </div>
    </body>
    </html>

  7. #7
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,747
    Mentioned
    65 Post(s)
    Tagged
    0 Thread(s)
    Hopefully there isnt actually a blank line before your <?php at the top, or session_start will fail...
    In your query, Unless your id field is a string type (VARCHAR), you shouldnt have quotes around it. Numerical field types (INT, etc) dont have quotes around them.

    I... still dont see anything about a password in there, or anywhere where you're writing to the session variable...

  8. #8
    SitePoint Wizard bronze trophy chris.upjohn's Avatar
    Join Date
    Apr 2010
    Location
    Melbourne, AU
    Posts
    2,183
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    I agree with StarLion, im a little lost as to the problem your trying to solve with the code you supplied. With that said i went and cleaned up your code as i saw room for improvement.

    PHP Code:
    <?php

    session_start
    ();

    ini_set('display_errors''1');
    error_reporting(E_ALL);

    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Welcome</title>
    </head>
    <body>

    <?php

    /**
     * Program : login.php
     * Desc    : Displays the new member welcome page. Greets
     *           member by name and gives a choice to enter
     *           restricted section or go back to main page.
     */

    // Check if the user has a current session, if they don't show the
    // login form required to gain access
    if (isset($_SESSION['id'])) {
        include(
    'Connections/connect_to_mysql.php');
        
        
    // Set the users session ID
        
    $id $_SESSION['id'];
        
        
    // Now let's initialize vars to be printed to page in the HTML
        // section so our script does not return errors they must be
        // initialized in some server environments
        
    $firstname '';
        
    $lastname '';        // <<<<<<<<<<<<<<<<
        
    $country '';         // Are these really needed??
        
    $email '';           // >>>>>>>>>>>>>>>>
        
        // Build the MySQL query
        
    $query "SELECT id, firstname FROM `Members` WHERE id = $id";
        
        
    // Run the query and kill the page upon any MySQL errors
        
    if (!$result mysql_query($query)) {
            
    $message  'Invalid query: ' mysql_error() . "\n";
            
    $message .= 'MySQL query: ' $query;
            die(
    $message);
        }
        
        
    // Check to make sure that a user was found otherwise remove the
        // the session and reload the page
        
    if (mysql_num_rows($result)) {
            
    $row mysql_fetch_row($result);
            
    mysql_free_result($result);
            
            echo 
    'Welcome, ' $row['firstname'];
        } else {
            unset(
    $_SESSION['id']);
            
    header('Location: ' $_SERVER['PHP_SELF']);
        }
    } else {
    ?>

        <p>
            Your new Member accounts lets you enter the members only section of our web site. You'll find special discounts, a profile of matches, live advise from experts, and much more.
        </p>
        <p>
            Your new Member ID and password were emailed to you. Store them carefully for future use.
        </p>
        
        <div style="text-align: center">
            <p style="margin-top: .5in; font-weight: bold">Glad you could join us!</p>
            <form action="profile.php" method="post">
                <input type="submit" value="Enter the Members Only Section" />
            </form>
            <input type="button" value="Go to Main Page" />   
        </div>
    <?php
    }
    ?>

    </body>
    </html>
    Blog/Portfolio | Evolution Xtreme | DFG Design | DFG Hosting | CSS-Tricks | Stack Overflow | Paul Irish
    Having lame problems with your code? Let us help by using a jsFiddle

  9. #9
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This is my form. Do you mean to take out the '' around the id in the query??
    Also no space in front of the <?php
    PHP Code:
    <?php
    error_reporting
    (E_ALL);
    ini_set("display_errors"1);
    include_once (
    "Connections/connect_to_mysql.php"); 

      
    $err='';
      
    $id='';
      
    $firstname='';
      
    $lastname='';
      
    $password='';
      
    $country='';
      
    $email='';
      
    $_SESSION['$id']='id';

      if(isset(
    $_POST["submit"])){

      
        
    // Validate form data

        
    if($_POST["firstname"]==''$err.='Please enter First Name<br>';
        if(
    $_POST["email"]==''$err.='Please enter Email<br>';



        if(
    $err==''){ 

          
    // Check if there are duplicate entries in the 'contacts' table

          
    $sql_check mysql_query("SELECT id FROM `Members` WHERE firstname='".addslashes($_POST["firstname"])."' and Email='".addslashes($_POST["email"])."'");
          if(
    $row mysql_fetch_array($sql_check)){
            
    $err.='Can not add duplicate entry<br>';
          }
          else{

            
    // adding new record to 'contacts' table

           
    $results mysql_query("INSERT INTO Members (firstname,lastname,password,country,Email) 
                        values ('"
    .mysql_real_escape_string($_POST["firstname"])."','".mysql_real_escape_string($_POST["lastname"])."','".md5($_POST["password"])."','".mysql_real_escape_string($_POST["country"])."','".mysql_real_escape_string($_POST["email"])."')")
                        or die (
    mysql_error());
     
    $id mysql_insert_id();
     
    $userid mysql_insert_id(); 

           
    // redirecting to success screen
           
    if($results){
             
    header("Location: login.php");
    }else
    die(
    mysql_error());

          }
        }
      }

    ?>
    <html>
    <head>
    <title>Add New Contact</title>
    </head>

    <body>

    <h2>Register with us</h2>

    <?php echo $err==''?'':('<p style="color:red;">'.$err.'</p>'?>

    <form method="post" action="form.php">

    <table border="0">
    <tr>
    <td valign="middle">First Name:</td>
    <td><input type="text" name="firstname" size="30" value="<?php echo htmlspecialchars($firstname?>"></td>
    </tr>
    <tr>
    <td valign="middle">Last Name:</td>
    <td><input type="text" name="lastname" size="30" value="<?php echo htmlspecialchars($lastname?>"></td>
    </tr>
    <tr>
    <td valign="middle">Password:</td>
    <td><input type="password" name="password" size="32" value="<?php echo htmlspecialchars($password?>"></td>
    </tr>
    <tr>
    <td valign="middle">Country:</td>
    <td><input type="text" name="country" size="30" value="<?php echo htmlspecialchars($country?>"></td>
    </tr>
    <tr>
    <td valign="middle">Email:</td>
    <td><input type="text" name="email" size="30" value="<?php echo htmlspecialchars($email?>"></td>
    </tr>
    </table><br>

    <input type="submit" name="submit" value=" Submit! ">

    </form>

    </body>
    </html>

  10. #10
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The vars I dont think I need them I had them there because I thought that was what was stopping it from continuing. I am pasting your codes. Thanks

  11. #11
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,747
    Mentioned
    65 Post(s)
    Tagged
    0 Thread(s)
    $id='';
    $_SESSION['$id']='id';


    so... you're setting $_SESSION[''] to "id" .... o...kay...I do not understand this logic at all. Please elaborate.

    Anyway, so now you've got $_SESSION[''] set to "id". When you get back to your page,
    $id = $_SESSION['id'];
    $_SESSION['id'] doesnt exist. Because you didnt set that. You set $_SESSION[''].

    Think maybe in your form code you meant to do $_SESSION['id'] = $id; ?

  12. #12
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I updated the coding shows no errors but I dont think it is continuing the sessions as it does not show the Welcome, firstname.

  13. #13
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    this is the SQL code in phpmyadmin

    SELECT * FROM `Members` WHERE 1

  14. #14
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,747
    Mentioned
    65 Post(s)
    Tagged
    0 Thread(s)
    Well considering that nowhere in your code do you select *, that's... not true.

    What entries do you have in your table at the moment?

  15. #15
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I have the id, pw, firstname,lastname, country. Just the basic till I get the form right. that SQL is just there when I click on the SQL button in my members table. Does that code that is there hinder my own coding with PHP for the form and welcome page.

  16. #16
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,747
    Mentioned
    65 Post(s)
    Tagged
    0 Thread(s)
    What i mean is... what data do you have in the table? What's the ID you're trying to query?

  17. #17
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Cool

    Oh when I fill out my form I am hoping that the sessions continues with the Welcome page.
    Here is my form
    PHP Code:
    <?php
    error_reporting
    (E_ALL);
    ini_set("display_errors"1);
    include_once (
    "Connections/connect_to_mysql.php"); 

      
    $err='';
      
    $id='';
      
    $firstname='';
      
    $lastname='';
      
    $password='';
      
    $country='';
      
    $email='';
      
    $_SESSION['$id']='id';

      if(isset(
    $_POST["submit"])){

      
        
    // Validate form data

        
    if($_POST["firstname"]==''$err.='Please enter First Name<br>';
        if(
    $_POST["email"]==''$err.='Please enter Email<br>';



        if(
    $err==''){ 

          
    // Check if there are duplicate entries in the 'contacts' table

          
    $sql_check mysql_query("SELECT id FROM `Members` WHERE firstname='".addslashes($_POST["firstname"])."' and Email='".addslashes($_POST["email"])."'");
          if(
    $row mysql_fetch_array($sql_check)){
            
    $err.='Can not add duplicate entry<br>';
          }
          else{

            
    // adding new record to 'contacts' table

           
    $results mysql_query("INSERT INTO Members (firstname,lastname,password,country,Email) 
                        values ('"
    .mysql_real_escape_string($_POST["firstname"])."','".mysql_real_escape_string($_POST["lastname"])."','".md5($_POST["password"])."','".mysql_real_escape_string($_POST["country"])."','".mysql_real_escape_string($_POST["email"])."')")
                        or die (
    mysql_error());
     
    $id mysql_insert_id();
     
    $userid mysql_insert_id(); 

           
    // redirecting to success screen
           
    if($results){
             
    header("Location: login.php");
    }else
    die(
    mysql_error());

          }
        }
      }

    ?>
    <html>
    <head>
    <title>Add New Contact</title>
    </head>

    <body>

    <h2>Register with us</h2>

    <?php echo $err==''?'':('<p style="color:red;">'.$err.'</p>'?>

    <form method="post" action="form.php">

    <table border="0">
    <tr>
    <td valign="middle">First Name:</td>
    <td><input type="text" name="firstname" size="30" value="<?php echo htmlspecialchars($firstname?>"></td>
    </tr>
    <tr>
    <td valign="middle">Last Name:</td>
    <td><input type="text" name="lastname" size="30" value="<?php echo htmlspecialchars($lastname?>"></td>
    </tr>
    <tr>
    <td valign="middle">Password:</td>
    <td><input type="password" name="password" size="32" value="<?php echo htmlspecialchars($password?>"></td>
    </tr>
    <tr>
    <td valign="middle">Country:</td>
    <td><input type="text" name="country" size="30" value="<?php echo htmlspecialchars($country?>"></td>
    </tr>
    <tr>
    <td valign="middle">Email:</td>
    <td><input type="text" name="email" size="30" value="<?php echo htmlspecialchars($email?>"></td>
    </tr>
    </table><br>

    <input type="submit" name="submit" value=" Submit! ">

    </form>

    </body>
    </html>

  18. #18
    Just Blow It bronze trophy
    DaveMaxwell's Avatar
    Join Date
    Nov 1999
    Location
    Mechanicsburg, PA
    Posts
    7,203
    Mentioned
    106 Post(s)
    Tagged
    1 Thread(s)
    Like StarLion mentioned in post#2, you're missing session_start() on that page.

    If you want to have access to the session variables, you need to have session_start() at the top of each php page - no exceptions.
    Dave Maxwell - Manage Your Site Team Leader
    My favorite YouTube Video! | Star Wars, Dr Suess Style

  19. #19
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It has the Welcome page but not the Welcome, firstname sessions is not working????? I included the session_start(); now at the top of the form.

  20. #20
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,747
    Mentioned
    65 Post(s)
    Tagged
    0 Thread(s)
    You're missing the third arm of the triangle - you've got the page set up to read session data, you've got the form to insert data into the table... but where's the login to read the table and fill in the session?

  21. #21
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    so I will need to have the login page done I actually had the form to go to the welcome members first then to the main private pages. I just updated a few things now I get it welcoming all my tested members in my db. Here is the updated login/welcome page. I cant wait to get to the stage in the programming you are at then I can have that knowledge being new is fresh....

    It is welcoming them all at the same time image that one point I get no welcome now it is welcoming them at the same time...

    PHP Code:
    <?php
    session_start
    ();
    ini_set ("display_errors""1");
    error_reporting(E_ALL);
    ?>        
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Welcome</title>
    </head>

    <body>
    <?php
    /* Program: login.php
     * Desc:    Displays the new member welcome page. Greets
     *            member by name and gives a choice to enter
     *            restricted section or go back to main page.
     */ 
    if (isset($_SESSION['id'])) {    
    include(
    'Connections/connect_to_mysql.php');        
    // Set the users session ID
        
    $id=$_SESSION['id'];

    // Now let's initialize vars to be printed to page in the HTML section so our script does not return errors 
    // they must be initialized in some server environments

    $firstname '';
    $lastname '';
    $country '';
    $email '';

    //Formulate Query
    //This is the best way to perform an SQL query
    $query "SELECT id, firstname FROM `Members` WHERE id={$_SESSION['id']}";
    $result mysql_query($query);

    //Check result
    //This shows the actual query sent to MySQL and the error. Useful for debugging.

    if(!$result){
        
    $message 'Invalid query:' mysql_error() . "\n";
        
    $message .= 'Whole query:' $query;
        die(
    $message);
    }
    //Use result
    //Attempting to print $result won't allow access to information in the resource
    //One of the mysql result functions must be used
    //See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.
    while($row=mysql_fetch_assoc($result)){
          echo 
    "Welcome, {$row['firstname']}";
    }
    }
               
    mysql_free_result($result);
    ?>
    <p>Your new Member accounts lets you enter the members only section
    of our web site. You'll find special discounts, a profile of matches,
    live advise from experts, and much more.</p>
    <p>Your new Member ID and password were emailed to you. Store them
    carefully for future use.</p>
    <div style="text-align: center">
    <p style="margin-top: .5in; font-weight: bold">
    Glad you could join us!</p>
    <form action="profile.php" method="post">
        <input type="submit"
            value="Enter the Members Only Section">
            </form>
    <form action="index.php" method="post">
        <input type="submit" value="Go to Main Page">
        </form>        
            </div>
    </body>
    </html>

  22. #22
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,747
    Mentioned
    65 Post(s)
    Tagged
    0 Thread(s)
    Well think about it this way. How does your system know what user is showing up? Session data gets purged after 15 minutes of inactivity.

    So user X shows up an hour after they last used your site. The system has no idea who this person is. What should they do? Sign up again?

    So yes. A login page is a good thing.Username and password, email and password, whatever.
    Your login page checks the table to see if someone with that email and password exists; if so, it sets the session variable to hold their ID. THEN when they get to the welcome page, your Welcome Page now knows which user this is, and can get their information correctly.

  23. #23
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Alright I do have a login username form so what I am going to try is add it to the welcome page oh my goodness if this works I am going to dance for three days. give me a minute to confuse myself while I add it to the welcome page.

  24. #24
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This is the code I had borrowed and the error message I now get. I think I am on the right track.

    Notice: Undefined index: email in /home/ebermy5/public_html/login.php on line 20

    Warning: mysql_query() [function.mysql-query]: Access denied for user 'ebermy5'@'localhost' (using password: NO) in /home/ebermy5/public_html/login.php on line 101

    Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/ebermy5/public_html/login.php on line 101
    Invalid query:Access denied for user 'ebermy5'@'localhost' (using password: NO) Whole query:SELECT id, firstname FROM `Members` WHERE id=id

    PHP Code:
    <?php
    session_start
    ();
    ini_set ("display_errors""1");
    error_reporting(E_ALL);
    ?>        
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Welcome</title>
    <style type="text/css">
    .background {color: #B56AFF;
    }
    </style>
    </head>

    <body>
    <p>
    <?php
    if ($_POST['email'] != "") {

    include(
    'Connections/connect_to_mysql.php');

    $email $_POST['email'];
    $pass $_POST['pass'];
    $remember $_POST['remember']; // Added for the remember me feature

    $email strip_tags($email);
    $pass strip_tags($pass);
    $email mysql_real_escape_string($email);
    $pass mysql_real_escape_string($pass);
    $email eregi_replace("`"""$email);
    $pass eregi_replace("`"""$pass);

    $pass md5($pass);

    //make query
    $sql mysql_query("SELECT * FROM Members WHERE email='$email' AND password='$pass' AND email_activated='1'"); 
    $login_check mysql_num_rows($sql);

    if(
    $login_check 0){ 

        while(
    $row mysql_fetch_array($sql)){ 

            
    $id $row["id"];   
            
    session_register('id'); 
            
    $_SESSION['id'] = $id;
           
            
    $firstname $row["firstname"];   
            
    session_register('firstname'); 
            
    $_SESSION['firstname'] = $firstname;
           
            
    $email $row["email"];   
            
    session_register('email'); 
            
    $_SESSION['email'] = $email;
             
            
    mysql_query("UPDATE Members SET last_log_date=now() WHERE id='$id'"); 
              
        } 
    // close while
        
        // Remember Me Section Addition... if member has chosen to be remembered in the system
        
    if($remember == "yes"){
          
    setcookie("idCookie"$idtime()+60*24*60*60"/"); // 60 days; 24 hours; 60 mins; 60secs
          
    setcookie("firstnameCookie"$firstnametime()+60*24*60*60"/"); // 60 days; 24 hours; 60 mins; 60secs
          
    setcookie("emailCookie"$emailtime()+60*24*60*60"/"); // 60 days; 24 hours; 60 mins; 60secs
          
    setcookie("passCookie"$passtime()+60*24*60*60"/"); // 60 days; 24 hours; 60 mins; 60secs
        
    }    
        
    $my_msg "all_good";
        print 
    "return_msg=$my_msg&id=$id&firstname=$firstname";
        
    } else {
    $my_msg "no_good";
        print 
    "return_msg=$my_msg"
      exit();
    }


    }
    // close if post
    ?>
    <?php
    /* Program: login.php
     * Desc:    Displays the new member welcome page. Greets
     *            member by name and gives a choice to enter
     *            restricted section or go back to main page.
     */ 
    if (isset($_SESSION['id'])) {            
    // Set the users session ID
        
    $id=$_SESSION['id'];

    // Now let's initialize vars to be printed to page in the HTML section so our script does not return errors 
    // they must be initialized in some server environments

    $firstname '';
    $lastname '';
    $country '';
    $email '';

    //Formulate Query
    //This is the best way to perform an SQL query
    $query "SELECT id, firstname FROM `Members` WHERE id={$_SESSION['id']}";
    $result mysql_query($query);

    //Check result
    //This shows the actual query sent to MySQL and the error. Useful for debugging.

    if(!$result){
        
    $message 'Invalid query:' mysql_error() . "\n";
        
    $message .= 'Whole query:' $query;
        die(
    $message);
    }
    //Use result
    //Attempting to print $result won't allow access to information in the resource
    //One of the mysql result functions must be used
    //See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.
    while($row=mysql_fetch_assoc($result)){
          echo 
    "Welcome, {$row['firstname']}";
    }
    }
               
    mysql_free_result($result);
    ?>


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •