SitePoint Sponsor

User Tag List

Page 4 of 6 FirstFirst 123456 LastLast
Results 76 to 100 of 150
  1. #76
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    Wonderful, that works.

    Can I ask for help with the rest of the stuff?

    Thanks.

    Mak

  2. #77
    blonde.... Sarah's Avatar
    Join Date
    Jul 2001
    Location
    Berkshire, UK
    Posts
    7,442
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    which bits do we have left then? the parts you mentioned earlier or new stuff
    Regular user

  3. #78
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    What is left is what I mentioned earlier mostly.

    Firstly, the password issue. I realise that some sort of 'mumbo-jumbo' should be entered into the mPassword field in the DB, but instead it is blank.

    The DB insertion is:
    PHP Code:
    mPassword  =  '".$_POST['encrypted_password']."'"; 
    The password code is:
    PHP Code:
    <TR VALIGN="middle"> 
    <TD>Password:</TD>
    <TD><INPUT TYPE="password" NAME="PasswordOne" SIZE="20" MAXLENGTH="20" VALUE=""></TD>
    </TR>
    <TR VALIGN="middle"> 
    <TD>Confirm Password:</TD>
    <TD><INPUT TYPE="password" NAME="Password" SIZE="20" MAXLENGTH="20" VALUE="" alt="equalto|PasswordOne"></TD>
    </TR>
                
    <?php
    // MD5 of password to encrpt. Then $encrypted_password goes into database
    $encrypted_password md5($_POST["Password"]);
    ?>
    Thanks.

    Mak

  4. #79
    blonde.... Sarah's Avatar
    Join Date
    Jul 2001
    Location
    Berkshire, UK
    Posts
    7,442
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    like we changed the mDOB stuff to remove the POST in eth sql query you also need to do the same with the password in the sql query, because you already get the $_POST value of password and using that you create the $encrypted value so therefore the line in the sql query should just read

    PHP Code:
    mPassword  =  '$encrypted_password' "; 

    does that work now?
    Regular user

  5. #80
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It should 8)

  6. #81
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    Yeah that worked a treat, except that I had to move the md5 part to to the top so that it does it after the form has been submitted - see, I am learning.. slowly but surely! [img]images/smilies/biggrin.gif[/img]

    Now, I get an error with the following:
    PHP Code:
    // generate and execute query 2
    $query2 "INSERT INTO Lookup SET
    relMemberID = '"
    .$_POST['memberID']."',
    relReligionID = '"
    .$_POST['religion_id']."',
    relRelationID = '"
    .$_POST['relation_id']."',
    relMStatusID = '"
    .$_POST['mstatus_id']."',
    relHeightID = '"
    .$_POST['height_id']."',
    relBuildID = '"
    .$_POST['build_id']."',
    relComplexionID = '"
    .$_POST['complexion_id']."',
    relCBirthID = '"
    .$_POST['country_id1']."'
    relCOriginID = '"
    .$_POST['country_id2']."'
    relEducationID = '"
    .$_POST['education_id']."',
    relOccupationID = '"
    .$_POST['occupation_id']."',
    relDietID = '"
    .$_POST['diet_ID']."'"
    I get this error but I cannot see what it is:

    Error in query 2: INSERT INTO Lookup SET relMemberID = '', relReligionID = '', relRelationID = '', relMStatusID = '', relHeightID = '', relBuildID = '', relComplexionID = '', relCBirthID = '' relCOriginID = '' relEducationID = '', relOccupationID = '', relDietID = ''. You have an error in your SQL syntax near 'relCOriginID = '' relEducationID = '', relOccupationID = '', relD' at line 10

    Thanks.

    Mak [img]images/smilies/smile.gif[/img]

  7. #82
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Look closely and you'll notice that you've missed out 2 comma's to seperate individual data going to each field:

    Birth and Origin

    Proberly a typo 8)

  8. #83
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    Yes, just seen them. [img]images/smilies/smile.gif[/img]

    Now, however, I get:

    Error in query 2: INSERT INTO Lookup SET relMemberID = '', relReligionID = '', relRelationID = '', relMStatusID = '', relHeightID = '', relBuildID = '', relComplexionID = '', relCBirthID = '', relCOriginID = '', relEducationID = '', relOccupationID = '', relDietID = ''. Duplicate entry '0-0-0-0-0-0-0-0-0-0-0-0-0-0' for key 1

    When I look in the DB all the fields are just '0' and not set to the appropriate relative-key values.

    Thanks.

    Mak [img]images/smilies/smile.gif[/img]

  9. #84
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Within your database you have a field that has a UNIQUE flag.

    In one database I have the username is set to UNIQUE ID so that only one - ever - database insertion will have a unique username -

    No 2 users can ever have the same username can they ? It doesn't matter about passwords for example - you may find this with Email's as well at some point 8)

    So your error is saying that you are attempting to insert - whatever field - something that is already there and it - the database table - cannot have more than one record with this value.

    What I do to get around this is to put the query within an IF condition so if there is no errors i.e. no duplication then only then the insert/update will take place.

    The ELSE condition would then alert the user to the insertion/update being cancelled due to a duplicate entry.

    So have a look at the database structure (mysql> desc <database table name here>) and see what field(s) are UNIQUE.

    Hope this explains things to you ?

  10. #85
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Here is my database table - do you notice the UNI for the username field ? You should have this for your first field as well - proberly an ID of some sort 8)

    PHP Code:
    +-------------+---------------+------+-----+---------+----------------
    Field       Type          Null Key | Default | Extra          
    +-------------+---------------+------+-----+---------+----------------
    id          smallint(6)   |      | PRI NULL    auto_increment 
    date        timestamp(14) | YES  |     | NULL    |                
    username    varchar(32)   |      | UNI |         |                
    password    varchar(32)   |      |     |         |                
    accesslevel tinyint(3)    |      |     | 0       |                
    forename    varchar(32)   |      |     |         |                
    surname     varchar(40)   |      |     |         |                
    +-------------+---------------+------+-----+---------+----------------
    7 rows in set (0.00 sec

  11. #86
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    I understand what you mean. By issuing the 'desc' instruction in MySQL I get:

    +-----------------+--------+------+-----+---------+-------+
    | Field | Type | Null | Key | Default | Extra |
    +-----------------+--------+------+-----+---------+-------+
    | relMemberID | int(5) | | PRI | 0 | |
    | relReligionID | int(5) | | PRI | 0 | |
    | relRelationID | int(5) | | PRI | 0 | |
    | relMStatusID | int(5) | | PRI | 0 | |
    | relHeightID | int(5) | | PRI | 0 | |
    | relBuildID | int(5) | | PRI | 0 | |
    | relComplexionID | int(5) | | PRI | 0 | |
    | relCBirthID | int(5) | | PRI | 0 | |
    | relCOriginID | int(5) | | PRI | 0 | |
    | relEducationID | int(5) | | PRI | 0 | |
    | relOccupationID | int(5) | | PRI | 0 | |
    | relDietID | int(5) | | PRI | 0 | |
    | relReferrerID | int(5) | | PRI | 0 | |
    | relLinkID | int(5) | | PRI | 0 | |
    +-----------------+--------+------+-----+---------+-------+

    You see, all this other information about a individual's diet (or whatever), I do not want stored in the main Members table. As a result, I have this table which should contain relative-keys as to which member has what particulars. For example:

    Member 1 has a diet of 1 (which is vegetarian) and education of 3 (which is a batchelors).. and so on. Each time when a member joins, they enter a record for the member table, and subsequently, corresponding relation-keys are entered into this table.

    Am I going about this the right way?

    Thanks.

    Mak [img]images/smilies/smile.gif[/img]

  12. #87
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    There may be a UNI within a related table that has a relationship with this one ?

    There is definitely a database design issue there somewhere.

    Looking at my table again I think - key 1 - could be something to do with your PK. This could be this table it's self or another ID within another table that is related to this tables - the one you've put up in this forum - id.

    I'd check your database queries for mis-placed insertions or updates in regards to your table relationships though 8)

    -- EDITED --

  13. #88
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    Well the structure I knocked up is:
    PHP Code:
    CREATE TABLE `members` (
    `
    memberIDint(5NOT NULL auto_increment,
    `
    mForenamevarchar(25NOT NULL default '',
    .. 
    etc
    PRIMARY KEY 
    (`memberID`)
    TYPE=MyISAM AUTO_INCREMENT=45 
    PHP Code:
    CREATE TABLE `lookup` (
    `
    relMemberIDint(5NOT NULL default '0',
    `
    relReligionIDint(5NOT NULL default '0',
    `
    relRelationIDint(5NOT NULL default '0',
    .... 
    etc
    PRIMARY KEY 
    (`relMemberID`,`relReligionID`,`relRelationID`etc...)
    TYPE=MyISAM
    As regards to the queries, well, I only have two within the script. One for entering a member record and the second to enter the other details into the Lookup table:
    PHP Code:
    // generate and execute query
    $query "INSERT INTO Members SET 
    mForename = '"
    .$_POST['Forename']."', 
    ... etc
    $result = mysql_query($query) or die ("Error in query$query" . mysql_error());
    $memberID = mysql_insert_id(); 
    And:
    PHP Code:
    $query2 "INSERT INTO Lookup SET
    relMemberID = '"
    .$_POST['memberID']."',
    relReligionID = '"
    .$_POST['religion_id']."',
    etc...
    $result2 = mysql_query($query2) or die ("Error in query 2$query2" . mysql_error()); 
    So I am wondering, is there something wrong with my Lookup table or the query I am using for it? i.e. Should it be an UPDATE instead?

    Thanks.

    Mak [img]images/smilies/smile.gif[/img]

  14. #89
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I was thinking about this earlier and another thing that might cause this problem is that your putting a different data type into a field in this table - posted earlier - that should be something else ?

    For example, a string is going into one of your IDs and in fact it should be an integer.

    Are your values your inserting into the table all correct ? BTW an update is only used to update a record already there so stick with the insert 8)

  15. #90
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    With the second query my aim is to insert IDs that are just integers, thus:
    PHP Code:
    // generate and execute query 2
    $query2 "INSERT INTO Lookup SET
    relMemberID = '"
    .$_POST['memberID']."',
    relReligionID = '"
    .$_POST['religion_id']."',
    relRelationID = '"
    .$_POST['relation_id']."',
    relMStatusID = '"
    .$_POST['mstatus_id']."',
    etc... 
    For example, a person's marital status would be taken from:
    PHP Code:
    <TD>Marital Status:</TD>
    <TD><SELECT NAME="marital" />
    <OPTION SELECTED VALUE="">Select</OPTION>
    <?php
    while ($mstatus_q mysql_fetch_array($mstatus_query)) {
    $mstatus_id $mstatus_q["mStatusID"];
    $mstatus_type $mstatus_q["mStatusType"];
    echo(
    "<OPTION VALUE='$mstatus_id'>$mstatus_type<BR>\n");
    }
    ?>
    </SELECT> </TD>
    Am I going about this the right way?

    Thanks.

    Mak [img]images/smilies/smile.gif[/img]

  16. #91
    blonde.... Sarah's Avatar
    Join Date
    Jul 2001
    Location
    Berkshire, UK
    Posts
    7,442
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Mak,

    can you check the page source when you view the actual form itself to check that you are actually getting ID values for the martial status etc? So print out here the html source code here to show us.

    then write echo "lookup... insert your full lookup query2 here" BEFORE the actual query2 line that will show whether you have a problem with the data not being passed from the form OR its the insert into the dB issue.

    because you have the error saying 0-0-0-0-0- etc I would think you are somehow not getting those ID values from the form correctly... and don't worry about the duplicate error as I am pretty sure when we did your dB Schema that is correct

    also you don't need to have single quote around these lookup values as they are just integers (but that shouldn't be an issue)

    HMM skip the above Mak, on your form side you have shown the Marital one here and the name of that drop down box is marital? therefore your post values should be $_POST['marital'] and not $_POST['mstatusid'], as its the NAME of the form field that is passed and not the value you inserted? Does that make sense? try echoing out $_POST['marital'] just before the $query2 part and see if that gives you the value - if it does then just run through each form segment getting the form name (i.e. <select name="marital">)

    see whether that changes anything..

    Sarah
    Regular user

  17. #92
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    Yes, you were absolutely right Sarah. [img]images/smilies/biggrin.gif[/img] [img]images/smilies/thumbs_up.gif[/img]

    I was trying to post the variables themselves rather than the name of the 'select' in which they were assigned and encapsulated.

    Now, apart from a few little tinkers to the various things I have been working on so far, I can register a member.

    What I now need is input from you guys as to how I deal with a couple of things:

    1. Currently, if there are any errors when adding user details, a blank page comes up with an echo of the error. I was thinking of ammending this so that on submission, if any errors are discovered, they are displayed on the same (original) page in say, red, allowing the user to correct them.

    Is this the best way to go about it? If so, how? (NOTE: currently I am posting to PHP_SELF).

    2. Is the use of sessions on such a site a necessary requirement or, in-fact, worth doing?

    Thanks.

    Mak [img]images/smilies/smile.gif[/img]

  18. #93
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ummm.... In the event that a user / script gives an error on the same page you should consider using output buffering.

    To get a better idea of what this is and how it works you should read the manual 8)

    But in the meantime I use this to put errors on the page regardless of when an error occured within the script - i.e. an error could occur near the end and still the error will display okay - w/out prior HTML output 8)

    Start at very top of page BEFORE any output at all - as in the case of using COOKIEs - to use output buffering:
    PHP Code:
    <?php
    # start buffering here
    ob_start();
    # following gets printed
    echo('Hello World !!');
    .
    .
    # some more script which generates an error
    # now I give an error
    ob_clean();
    ReportError('Bad User Inputs');
    ?>
    Now this function 'ReportError' will format and display the error in it's own way - ie not using the page layout dependent on your scripts generated output.

    So for example I could put the error in it's own table - in this example I call a function though but normally I would INCLUDE a page to be displayed passing it the error message. 8) Any content generated by your script will not be displayed either once you've used ob_clean().

    Here is my ErrorReport class for example.
    PHP Code:
    class ErrorReport {

    var 
    $state;
    var 
    $XmlHandler;
    var 
    $FileHandler;

    /**
    * class constructor
    */
    function ErrorReport() {
    $this -> XmlHandler = & new TransformXml;

    ob_start();
    }

    /**
    * set error reporting method(s)
    */
    function SetErrorState($msg) {
    $this -> state $msg;
    }

    /**
    * get error reporting state
    */
    function GetErrorState() {
    return 
    $this -> state;
    }

    /**
    * process an error
    */
    function DoError($msg) {
    if(
    strtolower($this -> state) == (string) 'report') {
    ob_clean();
    $this -> XmlHandler -> SetXmlDir('templates/');
    $this -> XmlHandler -> SetXslFile('transform.xsl');
    $this -> XmlHandler -> SetXmlFile('errors-general.xml');

    $this -> XmlHandler -> AppendText2XmlFile('<import />''<message-block><bold>'strtoupper($msg) .'</bold></message-block>');
    $this -> XmlHandler -> MakeXmlString();
    exit();
    }
    else if(
    strtolower($this -> state) == (string) 'log') {
    $this -> FileHandler = & new Files;
    $this -> FileHandler -> SetDirectory();
    $this -> FileHandler -> DumpText2File('errors.txt'$msg);
    }
    else if(
    strtolower($this -> state) == (string) 'all') {
    $this -> FileHandler = & new Files;
    $this -> FileHandler -> SetDirectory();
    $this -> FileHandler -> DumpText2File('errors.txt'$msg);

    ob_clean();
    $this -> XmlHandler -> SetXmlDir('templates/');
    $this -> XmlHandler -> SetXslFile('transform.xsl');
    $this -> XmlHandler -> SetXmlFile('errors-general.xml');

    $this -> XmlHandler -> AppendText2XmlFile('<import />''<message-block><bold>'strtoupper($msg) .'</bold></message-block>');
    $this -> XmlHandler -> MakeXmlString();
    exit();
    }
    }


    To use something like this yourself you'd declare ob_start() at the top of your page before output.

    Once you detect an error, simply use ob_clean() to clear the output buffer and begin to generate your new output again - ie error reporting.

    -- EDIT --

    Your previously generated output will be erased. Simple as that really. For example a database query gives an error:

    Normally you'd use:

    PHP Code:
    ... or die(mysql_error());
    # correct ?
    .
    .
    # but now you'd call your ErrorReporter instead...
    ... or myErrorReport('I have an error with my database');
    .


  19. #94
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    I'm sorry if I am being thick here (and no funny comments if I am!!), but is there no way of going about it without going through the classes rigmarol?

    [It's just that I am sure that, in-passing, I have seen people do what I require in a relatively easy way. Eg. the user presses submit, if there is an error in regards to validation, they are taken to the top of the page and in red-colour, told to correct the error (maybe with a asterisk next to the field(s))].

    Thanks.

    Mak

  20. #95
    blonde.... Sarah's Avatar
    Join Date
    Jul 2001
    Location
    Berkshire, UK
    Posts
    7,442
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    yeah Mak there is, I will need to respond when in work as most of the code that I work on is there, but basically you will need to set an error array at the start of the code and then fill it with any error message as you go along, which on submits displays them next to the form sections.

    BUT it can be quite complicated so not trying to put you off or anything I woudl get teh rest working and leave it that it goes to a new page listing all the error messages (which you can alter to say Name or which field you are talking about) and then say click back to make changes. Otherwise you will need to change the way you have done the validation etc etc personally I have used this method once and still prefer doing the old fashioned version - makes life much easier...

    I think though you could probably do something half way in between (just thinking off top of head now) but instead of showing a new page you could echo out the errors just at the top of the page allowing them to make the changes directly, getting * next to the form in question is a little harder though.

    Basically with the code that you have you know you have print form, press submit, do error checking, update dB. well after error checking you display form again if any errors were found, so you would need to include the whole form again, but instead of having all the areas blank you would use the $_POST['marital'] as the value of the form boxes so they would already be filled in.

    Hopefully that makes some sense, short on time tonight - let me know whether you get my drift and I will expand on it tomorrow

    And no you are not thick I struggled with the code above also

    Sarah
    Regular user

  21. #96
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    Yes, I think I am getting what you mean.

    So I have an array: $errors = array(); and then after each validation part have a count of each error as so:
    PHP Code:
    if(empty($mForename)){
    $errors[] = 'You did not enter your friggin Forename';

    And then count the errors and display them:
    PHP Code:
    $nerrors count($errors);

    if(
    $nerrors 0) {
    echo 
    "\n".'<p>'.$nerrors.' error(s) found</p>';
    echo 
    "\n".'<ol>';
    for (
    $i 0$i $nerrors$i++)
    echo 
    "\n".'<li>'.$errors[$i].'</li>';
    echo 
    "\n".'</ol>';
    exit;

    I understand the part about not leaving the form blank after initial submission and having the original submitted values now present in the fields. However, what I do not get is:

    1. How to display the whole form again after submission.
    2. How to place the so-called 'red error messages' at the top of the form.
    3. My form is quite long, should I perhaps split it up into a two page form. For example, form 1 - enter username, password, e-mail, if that is validated okay, go to form 2 and enter rest of profile details, then submit and the member has joined.
    4. I am also implementing client-side Javascript and that should take care of most errors, hence, I shouldn't really make much of a fuss over this should I?

    Thanks.

    Mak [img]images/smilies/smile.gif[/img]
    Last edited by mak-uk; Apr 29, 2003 at 18:40.

  22. #97
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Nope - keep the FORM as one - it isn't that long either 8)

    When using FORMS I do things in 2 parts. The first part displays the FORM asking user to fill it in and submit it.

    In which case the first part is the first function. The second part - error validation and db dump is taken by a second function.

    This is all you need. If you have any errors, void the db dump and re-create the FORM again (from second function) though for the FORM elements which have errors, you leave these blank and if an element is okay, you put back the value (from $_POST).

    The user submit's the FORM again with correct details and again you reload the page.

    The page detects (using some script you write - later) the FORM submission and again checks validation etc - using the second function.

    Now to know the difference between a FORM submission or not I use:

    PHP Code:
    if(isset($_FORM['SubmittedForm'])) {
    # form has been submitted so
    # check validation etc
    } else {
    # display form for user to complete

    The $_POST variable above is from:

    PHP Code:
    <form type='submit' name='SubmittedForm' value='Send Form' /> 
    This should help you I think ?

  23. #98
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    Sorry for the lack of replies, have been ill for a few days!

    Last weekend, what you said did make sense.. but it seems a bit hazy now.. sorry!

    My script structure is as follows:

    PHP Code:
    <?php if (isset($_POST['submit'])) { // a new member joins using the form below
    // Form validation
    else { 
    // If validation is all TRUE, then enter a record into DB
    }
     } else { 
    // Drop-down box queries
    ?>
    // Start FORM
    ...
    // End FORM
    <?php
    // end if main if else statement for if the form has been submitted
    ?>
    Given the above, could you explain the modifications required?

    Thanks.

    Mak

  24. #99
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hey guys

    I am still stuck at my previous message. If you're back from the bank holiday w/end can you help?

    Thanks.

    Mak

  25. #100
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Good weekend - thanks 8) The weather up here in the North was good as well 8)

    Makes a bloody change since it was raining like there were no tomorrow on Fri....

    About your problem though, I have posted some script to help you understand some more.

    Though for the moment, the script doesn't put the correct values back to the form in the event of one or more bad user inputs - i.e. invalid characters.

    Instead the form is simply displayed again - it's a login basically and I don't like to see the password passed along again if it's correct and the username isn't - I want the user to re-type both the username/password again so just to be sure a user is exactly who they say they are 8)

    PHP Code:

     
    /** copyright 2002-03 les quinn all rights reserved
     *
     * filename    : login.php
     * description  : main framework user log-in controller
     * author/date  : les quinn 03.05.03 
     * version no.  : 1.16a
     * notes    : none
     */
      
     
     # INCLUDE following files req. by framework
     #
     
    include('protected/common.php');
     include(
    'protected/library.php');
     include(
    'protected/classes.php');
     include(
    'templates/config/config.php');
     
     
    # check for framework COOKIEs
     #
     
    session_start();
     
    $session session_id();
     
     if(!isset(
    $_COOKIE['Cookie'])) {
      
    # no COOKIEs exist so create new one
      #
      
    setcookie("Cookie"$sessiontime() + ((3600 24) * $cfg['COOKIE_DURATION']));
     }
     else {
      
    # found COOKIEs so update
      #
      
    $session $_COOKIE["Cookie"];
      
    setcookie("Cookie"$sessiontime() + ((3600 24) * $cfg['COOKIE_DURATION']));
     }
      
     
    # check for framework SESSIONs
     #
     
    if(!isset($_SESSION)) {
      
    # no SESSIONs exist so create new one
      #
      
    $_SESSION['Session']['UserId'];
      
    $_SESSION['Session']['UserAccess'];
      
      
    $_SESSION['Session']['Username'];
      
    $_SESSION['Session']['Password'];
      
      
    $_SESSION['Session']['MenuState'];
      
    $_SESSION['Session']['MenuCommand'];
     }
     
     
    # create new instance of ErrorReport class
     #
     
    $e = new ErrorReport($cfg['ERROR_DIR']);
     
    $e -> SetErrorState($cfg['ERROR_FLAG']);
     
     
    # create new instance of DBaseMYSQL class
     #
     
    $db = new Dao($e);
     
    $db -> SetMYSQL($cfg['DB_SOURCE'], $cfg['HOSTNAME_'], $cfg['USERNAME_'], $cfg['PASSWORD_']);
     
     
    # create new instance of Template class
     #
     
    $tmp = new Template;
     
    $tmp -> SetTempDir($cfg['TEMPLATE_DIR']);
     
    $tmp -> SetTemplate('login.tpl');
     
    $tmp -> SetTempVariables(array('_body'));
     
    $tmp -> SetTempFunctions(array('DisplayLogInForm'));
     
     
    # create new instance of FormValidation class
     #
     
    $f = new FormValidation;
     
    # check to see if login FORM has been submitted first
     
    if(!$f -> CheckFormStatus()) {
      
    # FORM not submitted so display FORM
      
    $tmp -> ParseTemplate();
     }
     else {
      
    $f -> GetFormPostData();
      
    $f -> InitFormVars();
      
      
    # validate user inputs for valid characters
      
    $f -> FormInputIsAlphaNumeric('');
      
    $f -> FormInputIsAlphaNumeric('');
      
      if(!
    $f -> FormValidated()) {
       
    # there has been invalid characters for one or more input fields
       
    $tmp -> ParseTemplate();
      }
      else {
       
    # valid characters so check against database records
       
    if($db -> RequestUser($f -> GetFormUserInput(0), $f -> GetFormUserInput(1), 1) == (int) 1) {
        
    $DbArray $db -> DumpDbase();
        
        
    # put database records to SESSION variable
        
    $_SESSION['Session']['UserId']   = (int)  $DbArray[0][0];
        
    $_SESSION['Session']['Username']  = (string)  $DbArray[0][2];
        
    $_SESSION['Session']['Password']  = (string)  $DbArray[0][3];
        
    $_SESSION['Session']['UserAccess']  = (int)  $DbArray[0][4];
        
        
    # use Javascript to re-direct back to application file
        
    RedirectJS('index.php');
       }
       else {
        
    # no match found from database query
        
    $tmp -> ParseTemplate();
       }
      }  
     }
     
     
    /** copyright 2002-03 les quinn all rights reserved
     */ 
    Ignore the FormValidation class inserts - for your problem, this is where you actually check up on your user inputs against proper validated inputs etc.

    Place your own PHP checks here instead - the script above basically will show you the script flow and structure I suppose.

    So take out the parts that are not revelent to you - FormValidation usage for example - and put your own bits and pieces in there instead.

    Any questions, etc then get back to this post 8)


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •