SitePoint Sponsor |
|
User Tag List
Results 126 to 150 of 150
-
Jun 13, 2003, 05:30 #126
- Join Date
- Jan 2003
- Posts
- 5,748
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
As always, script for GLOBALs being OFF; No buts about it really; you are a developer and yes, you have a responsibility for developing secure scripts
-
Jun 13, 2003, 11:28 #127
- Join Date
- Dec 2001
- Location
- Midlands, UK
- Posts
- 284
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Hi
I started development after the introduction of PHP 4.2. I have had a look at Kevin's article that he suggested (4.2 and after) but now I am totally confused as I have the previous example and the new example baffling me all over the place.
Any suggestison? Sorry for being thick..
Thanks.
Mak
-
Jun 13, 2003, 14:25 #128
- Join Date
- Jul 2001
- Location
- Berkshire, UK
- Posts
- 7,442
- Mentioned
- 1 Post(s)
- Tagged
- 0 Thread(s)
Mak
Don't worry you are not being thick, I rewrote the 'kev' script before he wrote his new article. The sad thing is I don't have a copy here at the moment - can you wait until monday? I basically re wrote kev script to work with php globals off etc, dead easy (although I will admit it took a while!!)
can you do anything else until then? or maybe flick register globals on in the php.ini to test and get the rest looking good and then I will pop back in Monday am with some help?
I would revamp the one you posted - BUT its friday night I am 1/2 way down a bottle of wine - and honestly can not really be bothered - is that ok? (us advisors are human after all)
Cool?
Thanks
SarahRegular user
-
Jun 13, 2003, 16:49 #129
- Join Date
- Jun 2003
- Location
- Iowa, USA
- Posts
- 3,749
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
IIRC, a very quick hack is
PHP Code:$GLOBALS += $_GET;
HTHJason Sweat ZCE - jsweat_php@yahoo.com
Book: PHP Patterns
Good Stuff: SimpleTest PHPUnit FireFox ADOdb YUI
Detestable (adjective): software that isn't testable.
-
Jun 13, 2003, 17:39 #130
- Join Date
- Apr 2000
- Location
- Melbourne, Australia
- Posts
- 2,571
- Mentioned
- 2 Post(s)
- Tagged
- 0 Thread(s)
Hmm I think this thread has gone on long enough. I'm going to update the article to work with register_globals off...
Kevin Yank
CTO, sitepoint.com
I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
Baby’s got back—a hard back, that is: The Ultimate CSS Reference
-
Jun 13, 2003, 17:58 #131
- Join Date
- Dec 2001
- Location
- Midlands, UK
- Posts
- 284
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Hi
Sarah.. that's wonderful, thanks.. I can wait 'til Monday..in the meantime I have plenty to be getting on with! I hope you enjoyed your Friday night!! I don't drink but I enjoyed staying in and watching an old favourite which got me motivated for the gym tomorrow - Rocky 2!
sweatje.. thanks for your help, will look at that in the meantime.
Kevin.. thanks for your reply once again, I look forward to the updated article. Let me know when you have it done?
Thanks all.
Mak
-
Jun 13, 2003, 19:48 #132
- Join Date
- Apr 2000
- Location
- Melbourne, Australia
- Posts
- 2,571
- Mentioned
- 2 Post(s)
- Tagged
- 0 Thread(s)
The article has now been updated, along with the downloadable code archive. Enjoy! :-)
Kevin Yank
CTO, sitepoint.com
I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
Baby’s got back—a hard back, that is: The Ultimate CSS Reference
-
Jun 16, 2003, 09:56 #133
- Join Date
- Dec 2001
- Location
- Midlands, UK
- Posts
- 284
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Trying it out..
Hi
I am trying out the newly updated article now.
When I run 'signup.php' I get the following error msg:
Warning: mail() [function.mail]: SMTP server response: 503 No recipient(s). in d:\inetpub\wwwroot\session_test\signup.php on line 130
User registration successful!
Your userid and password have been emailed to someaddresshere@somedomain.whatever, the email address you just provided in your registration form. To log in, click here to return to the login page, and enter your new personal userid and password.
I think this is referring to the following line(s):
PHP Code:mail($newemail,"Your Password for Your Website",
$message, "From:Your Name <you@example.com>");
[mail function]
; For Win32 only.
SMTP = localhost ; for Win32 only
; For Win32 only.
sendmail_from = me@localhost.com ; for Win32 only
Oh, and I am running Win XP which has the SMTP server enabled with all the default settings.
Any ideas?
Thanks.
Mak
-
Jun 16, 2003, 10:26 #134
- Join Date
- Jan 2003
- Posts
- 5,748
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Obviously since your using your local machine and you normally wouldn't have an email server, you'll get this message ? Upload the scripts etc to your web space and try again using a known valid email address instead. If not, then download an email server of your own and configure it
Try www.mailenabled.com although at the moment the website has .htaccess so try again later to see if they're finished uploading their updates ? Note: it is not easy (I know from experience) to configure your own email server so you may as well use your ISP to access the mail() function, or sign up to an ISP with email access...
-
Jun 16, 2003, 10:28 #135
- Join Date
- Jan 2003
- Posts
- 5,748
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Btw - do you have dial up or broadband access ? If you've got broadband I'll upload and email you the app I have ? It's about 6MB...
-
Jun 16, 2003, 15:52 #136
- Join Date
- Apr 2000
- Location
- Melbourne, Australia
- Posts
- 2,571
- Mentioned
- 2 Post(s)
- Tagged
- 0 Thread(s)
Actually, the problem was a typo in the article. The code in question has now been updated:
PHP Code:mail($_POST['newemail'],"Your Password for Your Website",
$message, "From:Your Name <you@example.com>");
Kevin Yank
CTO, sitepoint.com
I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
Baby’s got back—a hard back, that is: The Ultimate CSS Reference
-
Jun 17, 2003, 01:35 #137
- Join Date
- Jul 2001
- Location
- Berkshire, UK
- Posts
- 7,442
- Mentioned
- 1 Post(s)
- Tagged
- 0 Thread(s)
Mak - I also was watching Rocky 2 old fav of mine
Kev - thats great getting that article updated as I know loads of people use it
So Mak let us know how you are getting on now?Regular user
-
Jun 17, 2003, 02:41 #138
- Join Date
- Dec 2001
- Location
- Midlands, UK
- Posts
- 284
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
So far..
Hi
Yeah I love all of the Rocky series. Most people think that it's all about boxing but it isn't much really.. at least not the first three! I have the anthology on DVD.. pretty great! Damn, I wish I could play the new Rocky... (dreamland)
Anyway, I have gotten Kevin's great tutorial working. If you recall, my sign-up script goes along the following lines:
PHP Code:<?php
if(!isset($_POST['is_submitted'])) {
// Start drop down box queries
.. etc
// End drop down box queries
?>
<! ------------------- START FORM ------------------- >
<FORM TYPE="SUBMIT" NAME="is_submitted" ACTION="<?php echo($_SERVER['PHP_SELF']); ?>" METHOD="POST">
<input type=hidden name="is_submitted" value="yes">
</FORM>
<! ------------------- END FORM ------------------- >
<?php
}
else {
# FORM has been sent so need to look at values
$Forename = (string) $_POST['Forename'];
$Surname = (string) $_POST['Surname'];
... etc
// Create error array variable
$ErrorArray = array();
// Check each input from user - start form validation
.. etc
// End form validation
if(empty($ErrorArray)) {
echo"<h1>You are registered!</h1>";
// generate and execute query
$query = "INSERT INTO Members SET
mForename = '".$_POST['Forename']."',
mSurname = '".$_POST['Surname']."',
... etc
$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
$memberID = mysql_insert_id();
$query2 = "INSERT INTO Lookup SET
relMemberID = '".$_POST['memberID']."',
relReligionID = '".$_POST['religion_id']."',
... etc
$result2 = mysql_query($query2) or die ("Error in query 2: $query2. " . mysql_error());
// Email the login details to the person.
... etc
// End Email code
}
else {
// Found one or more errors
$nerrors = count($ErrorArray);
echo ('You have '.$nerrors.' errors.<br>');
foreach($ErrorArray as $error) {
echo('You have this error: '.$error.' Please correct it.<br>');
}
# now display your FORM here again using
# same HTML etc - FORM variables and all
// Start drop down box queries
... etc
// End drop down box queries
if(empty($ErrorArray["Forename"])) {
$ok_Forename = $_POST["Forename"];
}
... etc
?>
<! -- FORM with previously submitted values -- >
<FORM TYPE="SUBMIT" NAME="is_submitted" ACTION="<?php echo($_SERVER['PHP_SELF']); ?>" METHOD="POST">
<input type=hidden name="is_submitted" value="yes">
</FORM>
<! ------------------- END FORM ------------------- >
<?php
}
}
?>
1. Firstly, is this sufficient for a sign-up script?
2. When the user enters ALL valid data, they are e-mailed their login details. Should I then make it that they are automatically logged in.. OR.. divert them to the index page to login?
Okay.. once I get this stuff a bit clearer, I will ask a bit more about sessions.
Thanks.
Mak
-
Jun 17, 2003, 02:47 #139
- Join Date
- Jul 2001
- Location
- Berkshire, UK
- Posts
- 7,442
- Mentioned
- 1 Post(s)
- Tagged
- 0 Thread(s)
Mak,
Yes that is sufficient,
I generally send the login link in the email that you will send them. 'click here to login' type thing, then they are prompted for their details - and voila!
session themselves are pretty simple, anything that you would like stored as a session do this to store it:
PHP Code:$_SESSION['something_to_store']=$something_to_store
PHP Code:$something_to_store
PHP Code:$_SESSION['something_to_store']
That simple.
Off Topic:
me being a huge sly fan I pretty much have all his moves including rocky and ramboLast edited by Kevin Yank; Jun 17, 2003 at 04:12. Reason: Fixed [php] tag.
Regular user
-
Jun 17, 2003, 04:13 #140
- Join Date
- Apr 2000
- Location
- Melbourne, Australia
- Posts
- 2,571
- Mentioned
- 2 Post(s)
- Tagged
- 0 Thread(s)
You should definitely not automatically log them in! As is explained in the article, forcing them to log in using the password you sent them by e-mail guarantees that the e-mail address is valid.
Kevin Yank
CTO, sitepoint.com
I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
Baby’s got back—a hard back, that is: The Ultimate CSS Reference
-
Jun 17, 2003, 07:45 #141
- Join Date
- Jan 2003
- Posts
- 5,748
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
But Rambo 3 and 4 were seriously crap
The Rocky Films are no that bad though; missed the film the other night though
-
Jun 17, 2003, 15:07 #142
- Join Date
- Dec 2001
- Location
- Midlands, UK
- Posts
- 284
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Hi
On a side note.. I love Sly movies too.. am a big fan in-fact!! Rocky is just the best! Love the films (mainly 1-3) and the soundtrack.
I didn't know they made a Rambo 4? Agreed, Rambo 2 and 3 were not as good as First Blood.. that is a classic! However, Rambo 3 did have a good storyline in terms of showing the suffering of the Afghan people and then Rambo comes in to help with their uprise against the Russians. Ironic that Mr Bin-Laden was part of this 'uprising' that the US helped and later turned on! ![img]images/smilies/eek.gif[/img] [img]images/smilies/mad.gif[/img]
Okay, so for the sign-up script as I have it, I don't really need sessions then do I?
So once the user is signed up, they are diverted (or provided with a link as well as e-mail) to the login page (i.e. the main page of the site).
Now, for the main page of the site, apart from all the usual paraphernalia, I should provide them with a log-in section. Here, I need to iron out a query..
I have made it so that the user has a unique 'username'. Hence, should they log in with their username, or, should they log in with their e-mail? (Hence, implying, only one registration per e-mail?).
What do you think?
Thanks.
Mak [img]images/smilies/smile.gif[/img]
-
Jun 18, 2003, 07:54 #143
- Join Date
- Jan 2003
- Posts
- 5,748
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Umm... Generally though the email address is their username, no ? And this field (email) is UNIQUE. Helps if you provide a password as well... Remember to use SESSIONs in all your pages you want a user to have access to once they've signed in/logged in/whatever though...
-
Jun 24, 2003, 07:23 #144
- Join Date
- Dec 2001
- Location
- Midlands, UK
- Posts
- 284
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Problems
Hi
Well I am starting the main page and log-in screen. I am trying it out with a table with three sections, thus:
------------------------------------
Members | New Users | Quick Search
------------------------------------
PHP Code:<table width="640" border="0" cellpadding="0">
<tr align="center" valign="bottom">
<td colspan="2"> </td>
<td> </td>
<td colspan="2"> </td>
</tr>
<tr align="center" valign="middle">
<td colspan="2">Members</td>
<td width="203">New Users</td>
<td colspan="2">Quick Search</td>
</tr>
<tr align="center" valign="middle">
<td colspan="2"> </td>
<td> </td>
<td colspan="2"> </td>
</tr>
<tr align="center" valign="middle">
<td width="74" height="22" align="right">E-Mail</td>
<td width="131"> <INPUT TYPE="text" class="forminput" NAME="EMail" size="20" maxlength="35" /></td>
<td>- Free membership!</td>
<td width="86" align="left">Looking for a</td>
<td width="134" align="left"> <select name="gender" class="formselect">
<option selected>Female</option>
<option>Male</option>
</select></td>
</tr>
<tr align="center" valign="middle">
<td align="right">Password</td>
<td> <INPUT TYPE="text" class="forminput" NAME="Password" size="20" maxlength="35" /></td>
<td>- Free searching!</td>
<td align="left">who is </td>
<td align="left"> <select name="age" class="formselect">
<option value="" selected>Select</option>
<option value="">Any</option>
<option value="18 - 25">18 - 25</option>
<option value="26 - 30">26 - 30</option>
<option value="31 - 35">31 - 35</option>
<option value="36 - 45">36 - 45</option>
<option value="46 - 50">46 - 50</option>
<option value="51 - 99">Above 50</option>
</select></td>
</tr>
<tr align="center" valign="middle">
<td colspan="2"> <input type="submit" name="SubmitLogin" value="Log In"></td>
<td> </td>
<td align="left">and a</td>
<td align="left"> <select name="religion" class="formselect">
<option selected value="">Select</option>
<option value="">Any</option>
<option>Muslim</option>
<option>Hindu</option>
<option>Sikh</option>
</select></td>
</tr>
<tr align="center" valign="middle">
<td colspan="2">Forgot your password?</td>
<td>Join HERE!</td>
<td colspan="2"> <input type="submit" name="QSearch" value="Search">
</td>
</tr>
<tr align="center" valign="middle">
<td colspan="2"> </td>
<td> </td>
<td align="left">Profile ID</td>
<td> <input type="text" class="forminput" name="profileid" value="Enter ID" size="20" maxlength="20"></td>
</tr>
<tr align="center" valign="middle">
<td colspan="2">Not a member yet?</td>
<td height="24"> </td>
<td colspan="2">Advanced Search</td>
</tr>
</table>
New users just click to join.. nothing there.
Quick Search involves selecting a few drop down boxes OR typing in a profile ID to search by. Hence, I need a form for the profile ID field.. right?
Now, when I try to enter the appropriate form tags, it messes up my layout.
Can anyone help please?
Thanks.
Mak
-
Jun 24, 2003, 17:59 #145
- Join Date
- Dec 2001
- Location
- Midlands, UK
- Posts
- 284
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Hi
I think I have done it..
What I have done is have a form for:
1. The user to log-in.
2. Quick search.
3. Profile ID search.
Anyway, trying out sessions what I have is:
PHP Code:<?php // index.php
session_start();
include_once './inc/db.inc';
$uid = isset($_POST['EMail']) ? $_POST['EMail'] : $_SESSION['EMail'];
$pwd = isset($_POST['Password']) ? $_POST['Password'] : $_SESSION['Password'];
if(!isset($EMail)) {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>some title</title>
..
<table width="640" height="238" border="0" cellpadding="0">
<tr>
<td width="200" height="234" align="left" valign="top">
<FORM METHOD="POST" NAME="Login" AUTOCOMPLETE="off" action="<?=$_SERVER['PHP_SELF']?>">
<table width="200" height="122" border="0" cellpadding="0">
<tr>
<tr>
<td valign="middle" align="right" class="mediumblack">Email </td>
<td width="65%" class="forminput"><INPUT TYPE="text" class="forminput" NAME="EMail" size="20" maxlength="35" /></td>
</tr>
<tr>
<td valign="middle" align="right" class="mediumblack">Password </td>
<td class="forminput"><INPUT TYPE="password" class="forminput" NAME="Password" size="20" maxlength="20" /></td>
</tr>
<tr>
<td><br></td>
<td align="center">
<input type="checkbox" name="autologin" value="Y">Automatic login<br>
<a href="#">What is this?</a></td>
</tr>
<tr>
<td><br></td>
<td valign="bottom" align="center" height="18">
<input type="image" src="img/go.gif" border="0">
</td>
</tr>
<tr align="center">
<td height="18" colspan="2" valign="bottom"><a href="#" title="Forgot Password">Forgot
your password?</a></td>
</tr>
<tr align="center">
<td height="18" colspan="2" valign="bottom"><a href="join.php" title="Join Here">Not
a Member yet?</a></td>
</tr>
</table></FORM></td>
<td width="200" align="left" valign="top"> <table width="200" border="0" cellpadding="0">
<tr valign="top">
<td colspan="2" align="center"><font class="largeblackbold">Join
here to create your profile!</font></td>
</tr>
<tr>
<td><img src="imgs/spacer.gif" width="40" height="1" border="0"></td>
<td valign="top" class="mediumblack"><img src="imgs/spacer.gif" width="142" height="8" border="0"><br>
FREE <a href="#" title="Membership">Membership</a><br>
FREE <a href="#" title="Photoprofile">Photoprofile</a><br>
FREE <a href="#" title="Search">Searches</a><br>
</td>
</tr>
<tr>
<td align="center" colspan="2" class="mediumblack"><div align="justify">blah blah blah</div></td>
</tr>
<tr>
<td align="center" colspan="2"><a href="join.php" title="Join Now">Join
Now >></a></td>
</tr>
<tr>
<td height="18" colspan="2" align="left" valign="top"> </td>
</tr>
</table></td>
<td width="200" align="left" valign="top">
<FORM METHOD="POST" NAME="QSearch" action="<?=$_SERVER['PHP_SELF']?>">
<table width="240" border="0" cellpadding="0">
<tr>
<td width="95" align="right" valign="top">Looking for a </td>
<td colspan="2" align="left" valign="top"><select name="gender" class="formselect" style="width:70;">
<option selected>Female</option>
<option>Male</option>
</select></td>
</tr>
<tr>
<td align="right" valign="top">between </td>
<td colspan="2" align="left" valign="top"><select name="age" class="formselect" style="width:70;">
<option value="">Select</option>
<option value="">Any</option>
<option value="18 - 25" selected="selected">18 - 25</option>
<option value="26 - 30">26 - 30</option>
<option value="31 - 35">31 - 35</option>
<option value="36 - 45">36 - 45</option>
<option value="46 - 50">46 - 50</option>
<option value="51 - 99">Above 50</option>
</select></td>
</tr>
<tr>
<td align="right" valign="top">of religion </td>
<td width="78" align="left" valign="top"><select name="religion" class="formselect" style="width:70;">
<option selected value="">Select</option>
<option value="">Any</option>
<option>religion 1</option>
<option>religion 2</option>
<option>religion 3</option>
</select></td>
<td width="49" align="center" valign="bottom"> <input name="image" type="image" src="img/go.gif" border="0">
</td>
</tr>
<tr>
<td align="right" valign="top"> </td>
<td colspan="2" align="left" valign="top"> </td>
</tr>
</table></FORM>
<FORM METHOD="POST" NAME="ProfileSearch" action="<?=$_SERVER['PHP_SELF']?>">
<table width="240" border="0" cellpadding="0">
<tr><td align="right" valign="top">Profile ID </td>
<td width="78" align="left" valign="top"><input type="text" name="ProfileID" class="forminput" size="13" /></td>
<td width="49" align="center" valign="bottom">
<input name="image2" type="image" src="img/go.gif" border="0" />
</td>
</tr>
</table></FORM>
Any ideas?
Thanks.
Mak
-
Jun 24, 2003, 18:21 #146
- Join Date
- Jan 2003
- Posts
- 5,748
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Umm... First I'd change the start to something that actually checks to see if a session has previously been set it's self; and not through $_POST as you've done, ie:
PHP Code:if(!isset($_SESSION['Email'])) {
$_SESSION['Email'] = '';
}
.
PHP Code:.
.
# place after session script I have above
if(!isset($_POST['SUBMITFORM'])) {
?>
<!-- display FORM here -->
<?php
}
else {
$_SESSION['Email'] = (string) $_POST['Email'];
}
.
# rest of script
Anyway, remove the IMG with a normal SUBMIT button and see how it goes ? Hope this'll help...
-
Jun 24, 2003, 18:45 #147
- Join Date
- Dec 2001
- Location
- Midlands, UK
- Posts
- 284
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Hi
Okay, I take it then that I do not need to store their password in their session?
I have done as you said and that seems to work in that it tells me when I press 'Login' if access is denied.
However, at the bottom of the page, regardless, it prints the 'Access Denied' part from the following code:PHP Code:<?php
..
</html>
}
else {
$_SESSION['Email'] = (string) $_POST['Email'];
}
dbConnect("pa" );
$sql = "SELECT * FROM members WHERE
mEmail = '$EMail' AND mPassword = PASSWORD('$Password')";
$result = mysql_query($sql);
if (!$result) {
error('A database error occurred while checking your '.
'login details.\\nIfhis error persists, please '.
'contact [email=you@example.com.']you@example.com.'[/email]);
}
if (mysql_num_rows($result) == 0) {
unset($_SESSION['EMail']);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"[url=http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd]http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd[/url]">
<html xmlns="[url=http://www.w3.org/1999/xhtml]http://www.w3.org/1999/xhtml[/url]">
<head>
<title> Access Denied </title>
<meta http-equiv="Content-Type"
content="text/html; charset=iso-8859-1" />
</head>
<body>
<h1> Access Denied </h1>
<p>Your user ID or password is incorrect, or you are not a
registered user on this site. To try logging in again, click
<a href="<?=$_SERVER['PHP_SELF']?>">here</a>. To register for instant
access, click <a href="join.php">here</a>.</p>
</body>
</html>
<?php
exit;
}
?>
Thanks.
Mak [img]images/smilies/smile.gif[/img]
-
Jun 24, 2003, 18:55 #148
- Join Date
- Jan 2003
- Posts
- 5,748
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Going to get some sleep now; although I store password, username and ID to sessions,... look at your script later ? To suggest that your getting the Access Denied though could be the condition ? Maybe a brace out of place somewhere... ? ZZzzz... Yawn
-
Jul 4, 2003, 04:28 #149
- Join Date
- Dec 2001
- Location
- Midlands, UK
- Posts
- 284
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Still not sure..
Hi
I'm still not sure where I am going wrong. What I have is as follows:
PHP Code:?php // index.php
session_start();
include_once './inc/db.inc';
$uid = isset($_POST['EMail']) ? $_POST['EMail'] : $_SESSION['EMail'];
$pwd = isset($_POST['Password']) ? $_POST['Password'] : $_SESSION['Password'];
if(!isset($_SESSION['EMail'])) {
$_SESSION['EMail'] = '';
}
if(!isset($_POST['SUBMITFORM'])) {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>...
</html>
<?php
}
else {
$_SESSION['EMail'] = (string) $_POST['EMail'];
$_SESSION['Password'] = (string) $_POST['Password'];
}
dbConnect("pa");
$sql = "SELECT * FROM members WHERE
mEmail = '$EMail' AND mPassword = PASSWORD('$Password')";
$result = mysql_query($sql);
if (!$result) {
error('A database error occurred while checking your '.
'login details.\\nIfhis error persists, please '.
'contact [email]you@example.com[/email].');
}
if (mysql_num_rows($result) == 0) {
unset($_SESSION['EMail']);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title> Access Denied </title>
<meta http-equiv="Content-Type"
content="text/html; charset=iso-8859-1" />
</head>
<body>
<h1> Access Denied </h1>
<p>Your user ID or password is incorrect, or you are not a
registered user on this site. To try logging in again, click
<a href="<?=$_SERVER['PHP_SELF']?>">here</a>. To register for instant
access, click <a href="join.php">here</a>.</p>
</body>
</html>
<?php
exit;
}
?>
Thanks.
MakLast edited by mak-uk; Jul 7, 2003 at 17:51.
-
Jul 7, 2003, 16:24 #150
- Join Date
- Dec 2001
- Location
- Midlands, UK
- Posts
- 284
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Help..anyone..please?
Bookmarks