SitePoint Sponsor

User Tag List

Page 6 of 6 FirstFirst ... 23456
Results 126 to 150 of 150
  1. #126
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    As always, script for GLOBALs being OFF; No buts about it really; you are a developer and yes, you have a responsibility for developing secure scripts

  2. #127
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    I started development after the introduction of PHP 4.2. I have had a look at Kevin's article that he suggested (4.2 and after) but now I am totally confused as I have the previous example and the new example baffling me all over the place.

    Any suggestison? Sorry for being thick..

    Thanks.

    Mak

  3. #128
    blonde.... Sarah's Avatar
    Join Date
    Jul 2001
    Location
    Berkshire, UK
    Posts
    7,442
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Mak

    Don't worry you are not being thick, I rewrote the 'kev' script before he wrote his new article. The sad thing is I don't have a copy here at the moment - can you wait until monday? I basically re wrote kev script to work with php globals off etc, dead easy (although I will admit it took a while!!)

    can you do anything else until then? or maybe flick register globals on in the php.ini to test and get the rest looking good and then I will pop back in Monday am with some help?

    I would revamp the one you posted - BUT its friday night I am 1/2 way down a bottle of wine - and honestly can not really be bothered - is that ok? (us advisors are human after all )

    Cool?

    Thanks
    Sarah
    Regular user

  4. #129
    eschew sesquipedalians silver trophy sweatje's Avatar
    Join Date
    Jun 2003
    Location
    Iowa, USA
    Posts
    3,749
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    IIRC, a very quick hack is
    PHP Code:
    $GLOBALS += $_GET
    at the top of the script. But it really should be recoded to handle it correctly. If you look at the article I mentioned earlier, you can pass an array to my getpost_ifset() function and register all the variables at once.

    HTH
    Jason Sweat ZCE - jsweat_php@yahoo.com
    Book: PHP Patterns
    Good Stuff: SimpleTest PHPUnit FireFox ADOdb YUI
    Detestable (adjective): software that isn't testable.

  5. #130
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Hmm I think this thread has gone on long enough. I'm going to update the article to work with register_globals off...
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  6. #131
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    Sarah.. that's wonderful, thanks.. I can wait 'til Monday..in the meantime I have plenty to be getting on with! I hope you enjoyed your Friday night!! I don't drink but I enjoyed staying in and watching an old favourite which got me motivated for the gym tomorrow - Rocky 2!

    sweatje.. thanks for your help, will look at that in the meantime.

    Kevin.. thanks for your reply once again, I look forward to the updated article. Let me know when you have it done?

    Thanks all.

    Mak

  7. #132
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    The article has now been updated, along with the downloadable code archive. Enjoy! :-)
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  8. #133
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Trying it out..

    Hi

    I am trying out the newly updated article now.

    When I run 'signup.php' I get the following error msg:

    Warning: mail() [function.mail]: SMTP server response: 503 No recipient(s). in d:\inetpub\wwwroot\session_test\signup.php on line 130
    User registration successful!
    Your userid and password have been emailed to someaddresshere@somedomain.whatever, the email address you just provided in your registration form. To log in, click here to return to the login page, and enter your new personal userid and password.

    I think this is referring to the following line(s):
    PHP Code:
    mail($newemail,"Your Password for Your Website"
            
    $message"From:Your Name <you@example.com>"); 
    In my 'php.ini' I have:

    [mail function]
    ; For Win32 only.
    SMTP = localhost ; for Win32 only

    ; For Win32 only.
    sendmail_from =
    me@localhost.com ; for Win32 only

    Oh, and I am running Win XP which has the SMTP server enabled with all the default settings.

    Any ideas?

    Thanks.

    Mak

  9. #134
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Obviously since your using your local machine and you normally wouldn't have an email server, you'll get this message ? Upload the scripts etc to your web space and try again using a known valid email address instead. If not, then download an email server of your own and configure it Try www.mailenabled.com although at the moment the website has .htaccess so try again later to see if they're finished uploading their updates ? Note: it is not easy (I know from experience) to configure your own email server so you may as well use your ISP to access the mail() function, or sign up to an ISP with email access...

  10. #135
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Btw - do you have dial up or broadband access ? If you've got broadband I'll upload and email you the app I have ? It's about 6MB...

  11. #136
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Actually, the problem was a typo in the article. The code in question has now been updated:
    PHP Code:
        mail($_POST['newemail'],"Your Password for Your Website",
             
    $message"From:Your Name <you@example.com>"); 
    The downloadable code archive had the correct code in it, but the article needed updating.
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  12. #137
    blonde.... Sarah's Avatar
    Join Date
    Jul 2001
    Location
    Berkshire, UK
    Posts
    7,442
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Mak - I also was watching Rocky 2 old fav of mine

    Kev - thats great getting that article updated as I know loads of people use it

    So Mak let us know how you are getting on now?
    Regular user

  13. #138
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    So far..

    Hi

    Yeah I love all of the Rocky series. Most people think that it's all about boxing but it isn't much really.. at least not the first three! I have the anthology on DVD.. pretty great! Damn, I wish I could play the new Rocky... (dreamland)

    Anyway, I have gotten Kevin's great tutorial working. If you recall, my sign-up script goes along the following lines:
    PHP Code:
    <?php 
     
    if(!isset($_POST['is_submitted'])) { 
    // Start drop down box queries
    .. etc
    // End drop down box queries
    ?>
     <! ------------------- START FORM  ------------------- >
     <FORM TYPE="SUBMIT" NAME="is_submitted" ACTION="<?php echo($_SERVER['PHP_SELF']); ?>" METHOD="POST">
       <input type=hidden name="is_submitted" value="yes"> 
    </FORM>
     <! ------------------- END FORM  ------------------- >      
    <?php
     
    }
    else {
      
    # FORM has been sent so need to look at values
      
    $Forename   = (string) $_POST['Forename'];
      
    $Surname   = (string) $_POST['Surname'];
       ... 
    etc
     
      
    // Create error array variable
      
    $ErrorArray = array();
     
      
    // Check each input from user - start form validation
      
    .. etc
      
    // End form validation
     
    if(empty($ErrorArray)) {
       echo
    "<h1>You are registered!</h1>";
     
    // generate and execute query
      
    $query "INSERT INTO Members SET
       mForename  =  '"
    .$_POST['Forename']."',
       mSurname  =  '"
    .$_POST['Surname']."',
      ... etc
     
    $result = mysql_query($query) or die ("Error in query$query" . mysql_error());
      
    $memberID = mysql_insert_id();
     
    $query2 = "INSERT INTO Lookup SET
         relMemberID 
    '".$_POST['memberID']."',
         
    relReligionID '".$_POST['religion_id']."',
         ... 
    etc
     
    $result2 
    mysql_query($query2) or die ("Error in query 2: $query2. " mysql_error());
     
    // Email the login details to the person. 
       
    ... etc
    // End Email code
     
    }
      else {
       
    // Found one or more errors
                  
    $nerrors count($ErrorArray);
                  echo (
    'You have '.$nerrors.' errors.<br>');
                  foreach(
    $ErrorArray as $error) {
                      echo(
    'You have this error: '.$error.' Please correct it.<br>');
              }
     
    # now display your FORM here again using
     # same HTML etc - FORM variables and all
     
     // Start drop down box queries
        
    ... etc
     
    // End drop down box queries
    if(empty($ErrorArray["Forename"])) {
      
    $ok_Forename $_POST["Forename"];
     } 
    ... 
    etc
     
    ?>
    <! -- FORM with previously submitted values -- >
     <FORM TYPE="SUBMIT" NAME="is_submitted" ACTION="<?php echo($_SERVER['PHP_SELF']); ?>" METHOD="POST">
      <input type=hidden name="is_submitted" value="yes"> 
    </FORM>
          
     <! ------------------- END FORM  ------------------- >
    <?php   
       
      
    }
    }
    ?>
    Now what I was wondering is:

    1. Firstly, is this sufficient for a sign-up script?
    2. When the user enters ALL valid data, they are e-mailed their login details. Should I then make it that they are automatically logged in.. OR.. divert them to the index page to login?

    Okay.. once I get this stuff a bit clearer, I will ask a bit more about sessions.

    Thanks.

    Mak

  14. #139
    blonde.... Sarah's Avatar
    Join Date
    Jul 2001
    Location
    Berkshire, UK
    Posts
    7,442
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Mak,

    Yes that is sufficient,

    I generally send the login link in the email that you will send them. 'click here to login' type thing, then they are prompted for their details - and voila!

    session themselves are pretty simple, anything that you would like stored as a session do this to store it:
    PHP Code:
    $_SESSION['something_to_store']=$something_to_store 
    and then if you ever need to use that value instead of having
    PHP Code:
    $something_to_store 
    use
    PHP Code:
    $_SESSION['something_to_store'
    instead.

    That simple.

    Off Topic:

    me being a huge sly fan I pretty much have all his moves including rocky and rambo
    Last edited by Kevin Yank; Jun 17, 2003 at 04:12. Reason: Fixed [php] tag.
    Regular user

  15. #140
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    You should definitely not automatically log them in! As is explained in the article, forcing them to log in using the password you sent them by e-mail guarantees that the e-mail address is valid.
    Kevin Yank
    CTO, sitepoint.com
    I wrote: Simply JavaScript | BYO PHP/MySQL | Tech Times | Editize
    Baby’s got back—a hard back, that is: The Ultimate CSS Reference

  16. #141
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    But Rambo 3 and 4 were seriously crap The Rocky Films are no that bad though; missed the film the other night though

  17. #142
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    On a side note.. I love Sly movies too.. am a big fan in-fact!! Rocky is just the best! Love the films (mainly 1-3) and the soundtrack .
    I didn't know they made a Rambo 4? Agreed, Rambo 2 and 3 were not as good as First Blood.. that is a classic! However, Rambo 3 did have a good storyline in terms of showing the suffering of the Afghan people and then Rambo comes in to help with their uprise against the Russians. Ironic that Mr Bin-Laden was part of this 'uprising' that the US helped and later turned on! ![img]images/smilies/eek.gif[/img] [img]images/smilies/mad.gif[/img]

    Okay, so for the sign-up script as I have it, I don't really need sessions then do I?

    So once the user is signed up, they are diverted (or provided with a link as well as e-mail) to the login page (i.e. the main page of the site).

    Now, for the main page of the site, apart from all the usual paraphernalia, I should provide them with a log-in section. Here, I need to iron out a query..

    I have made it so that the user has a unique 'username'. Hence, should they log in with their username, or, should they log in with their e-mail? (Hence, implying, only one registration per e-mail?).

    What do you think?

    Thanks.

    Mak [img]images/smilies/smile.gif[/img]

  18. #143
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Umm... Generally though the email address is their username, no ? And this field (email) is UNIQUE. Helps if you provide a password as well... Remember to use SESSIONs in all your pages you want a user to have access to once they've signed in/logged in/whatever though...

  19. #144
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question Problems

    Hi

    Well I am starting the main page and log-in screen. I am trying it out with a table with three sections, thus:

    ------------------------------------
    Members | New Users | Quick Search
    ------------------------------------
    PHP Code:
    <table width="640" border="0" cellpadding="0">
                  <
    tr align="center" valign="bottom"
                    <
    td colspan="2">&nbsp;</td>
                    <
    td>&nbsp;</td>
                    <
    td colspan="2">&nbsp;</td>
                  </
    tr>
                  <
    tr align="center" valign="middle"
                    <
    td colspan="2">Members</td>
                    <
    td width="203">New Users</td>
                    <
    td colspan="2">Quick Search</td>
                  </
    tr>
                  <
    tr align="center" valign="middle"
                    <
    td colspan="2">&nbsp;</td>
                    <
    td>&nbsp;</td>
                    <
    td colspan="2">&nbsp;</td>
                  </
    tr>
                  <
    tr align="center" valign="middle"
                    <
    td width="74" height="22" align="right">E-Mail</td>
                    <
    td width="131"> <INPUT TYPE="text" class="forminput" NAME="EMail" size="20" maxlength="35" /></td>
                    <
    td>- Free membership!</td>
                    <
    td width="86" align="left">Looking for a</td>
                    <
    td width="134" align="left"> <select name="gender" class="formselect">
                        <
    option selected>Female</option>
                        <
    option>Male</option>
                      </
    select></td>
                  </
    tr>
                  <
    tr align="center" valign="middle"
                    <
    td align="right">Password</td>
                    <
    td> <INPUT TYPE="text" class="forminput" NAME="Password" size="20" maxlength="35" /></td>
                    <
    td>- Free searching!</td>
                    <
    td align="left">who is </td>
                    <
    td align="left"> <select name="age" class="formselect">
                        <
    option value="" selected>Select</option>
                        <
    option value="">Any</option>
                        <
    option value="18 - 25">18 25</option>
                        <
    option value="26 - 30">26 30</option>
                        <
    option value="31 - 35">31 35</option>
                        <
    option value="36 - 45">36 45</option>
                        <
    option value="46 - 50">46 50</option>
                        <
    option value="51 - 99">Above 50</option>
                      </
    select></td>
                  </
    tr>
                  <
    tr align="center" valign="middle"
                    <
    td colspan="2"> <input type="submit" name="SubmitLogin" value="Log In"></td>
                    <
    td>&nbsp;</td>
                    <
    td align="left">and a</td>
                    <
    td align="left"> <select name="religion" class="formselect">
                        <
    option selected value="">Select</option>
                        <
    option value="">Any</option>
                        <
    option>Muslim</option>
                        <
    option>Hindu</option>
                        <
    option>Sikh</option>
                      </
    select></td>
                  </
    tr>
                  <
    tr align="center" valign="middle"
                    <
    td colspan="2">Forgot your password?</td>
                    <
    td>Join HERE!</td>
                    <
    td colspan="2"> <input type="submit" name="QSearch" value="Search"
                    </
    td>
                  </
    tr>
                  <
    tr align="center" valign="middle"
                    <
    td colspan="2">&nbsp;</td>
                    <
    td>&nbsp;</td>
                    <
    td align="left">Profile ID</td>
                    <
    td> <input type="text" class="forminput" name="profileid" value="Enter ID" size="20" maxlength="20"></td>
                  </
    tr>
                  <
    tr align="center" valign="middle"
                    <
    td colspan="2">Not a member yet?</td>
                    <
    td height="24">&nbsp;</td>
                    <
    td colspan="2">Advanced Search</td>
                  </
    tr>
                </
    table
    Now, members log-in with a email and password.. so, I need a form there.

    New users just click to join.. nothing there.

    Quick Search involves selecting a few drop down boxes OR typing in a profile ID to search by. Hence, I need a form for the profile ID field.. right?

    Now, when I try to enter the appropriate form tags, it messes up my layout.

    Can anyone help please?

    Thanks.

    Mak

  20. #145
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    I think I have done it..

    What I have done is have a form for:

    1. The user to log-in.
    2. Quick search.
    3. Profile ID search.

    Anyway, trying out sessions what I have is:
    PHP Code:
    <?php // index.php 
    session_start();
    include_once 
    './inc/db.inc';
    $uid = isset($_POST['EMail']) ? $_POST['EMail'] : $_SESSION['EMail']; 
    $pwd = isset($_POST['Password']) ? $_POST['Password'] : $_SESSION['Password'];
    if(!isset(
    $EMail)) { 
    ?>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <html>
    <head>
    <title>some title</title>
    ..
    <table width="640" height="238" border="0" cellpadding="0">
                  <tr>
                    <td width="200" height="234" align="left" valign="top"> 
                    <FORM METHOD="POST" NAME="Login" AUTOCOMPLETE="off" action="<?=$_SERVER['PHP_SELF']?>">
      <table width="200" height="122" border="0" cellpadding="0">
                        <tr>
                          <tr>
                    <td valign="middle" align="right" class="mediumblack">Email&nbsp;</td>
      <td width="65%" class="forminput"><INPUT TYPE="text" class="forminput" NAME="EMail" size="20" maxlength="35" /></td>
      </tr>
      <tr>
                    <td valign="middle" align="right" class="mediumblack">Password&nbsp;</td>
                    <td class="forminput"><INPUT TYPE="password" class="forminput" NAME="Password" size="20" maxlength="20" /></td>
      </tr>
      <tr>
      <td><br></td>
      <td align="center">
      <input type="checkbox" name="autologin" value="Y">Automatic login<br>
                            &nbsp;<a href="#">What is this?</a></td>
      </tr>
      <tr>
      <td><br></td>
                    <td valign="bottom" align="center" height="18"> 
                            <input type="image" src="img/go.gif" border="0">
                          </td>
      </tr>
                  <tr align="center"> 
                          <td height="18" colspan="2" valign="bottom"><a href="#" title="Forgot Password">Forgot 
                            your password?</a></td>
      </tr>
                  <tr align="center"> 
                          <td height="18" colspan="2" valign="bottom"><a href="join.php" title="Join Here">Not 
                            a Member yet?</a></td>
                        </tr>
                      </table></FORM></td>
                    <td width="200" align="left" valign="top"> <table width="200" border="0" cellpadding="0">
                        <tr valign="top"> 
                          <td colspan="2" align="center"><font class="largeblackbold">Join 
                            here to create your profile!</font></td>
                        </tr>
                        <tr> 
                          <td><img src="imgs/spacer.gif" width="40" height="1" border="0"></td>
                          <td valign="top" class="mediumblack"><img src="imgs/spacer.gif" width="142" height="8" border="0"><br>
                            FREE <a href="#" title="Membership">Membership</a><br>
                            FREE <a href="#" title="Photoprofile">Photoprofile</a><br>
                            FREE <a href="#" title="Search">Searches</a><br>
                          </td>
                        </tr>
                        <tr> 
                          <td align="center" colspan="2" class="mediumblack"><div align="justify">blah blah blah</div></td>
                        </tr>
                        <tr> 
                          <td align="center" colspan="2"><a href="join.php" title="Join Now">Join 
                            Now >></a></td>
                        </tr>
                        <tr> 
                          <td height="18" colspan="2" align="left" valign="top">&nbsp;</td>
                        </tr>
                      </table></td>
                    <td width="200" align="left" valign="top"> 
                      <FORM METHOD="POST" NAME="QSearch" action="<?=$_SERVER['PHP_SELF']?>">
          <table width="240" border="0" cellpadding="0">
                        <tr> 
                          <td width="95" align="right" valign="top">Looking for a&nbsp;</td>
                          <td colspan="2" align="left" valign="top"><select name="gender" class="formselect" style="width:70;">
                              <option selected>Female</option>
                              <option>Male</option>
                            </select></td>
                        </tr>
                        <tr> 
                          <td align="right" valign="top">between&nbsp;</td>
                          <td colspan="2" align="left" valign="top"><select name="age" class="formselect" style="width:70;">
                              <option value="">Select</option>
                              <option value="">Any</option>
                              <option value="18 - 25" selected="selected">18 - 25</option>
                              <option value="26 - 30">26 - 30</option>
                              <option value="31 - 35">31 - 35</option>
                              <option value="36 - 45">36 - 45</option>
                              <option value="46 - 50">46 - 50</option>
                              <option value="51 - 99">Above 50</option>
                            </select></td>
                        </tr>
                        <tr> 
                          <td align="right" valign="top">of religion&nbsp;</td>
                          <td width="78" align="left" valign="top"><select name="religion" class="formselect" style="width:70;">
                              <option selected value="">Select</option>
                              <option value="">Any</option>
                              <option>religion 1</option>
                              <option>religion 2</option>
                              <option>religion 3</option>
                            </select></td>
                          <td width="49" align="center" valign="bottom"> <input name="image" type="image" src="img/go.gif" border="0"> 
                          </td>
                        </tr>
                        <tr> 
                          <td align="right" valign="top">&nbsp;</td>
                          <td colspan="2" align="left" valign="top">&nbsp;</td>
                        </tr>
                      </table></FORM>
      <FORM METHOD="POST" NAME="ProfileSearch" action="<?=$_SERVER['PHP_SELF']?>">
                      <table width="240" border="0" cellpadding="0">
                        <tr><td align="right" valign="top">Profile ID&nbsp;</td>
                          <td width="78" align="left" valign="top"><input type="text" name="ProfileID" class="forminput" size="13" /></td>
                          <td width="49" align="center" valign="bottom"> 
                            <input name="image2" type="image" src="img/go.gif" border="0" />
                          </td>
                        
                          
                        </tr>
    </table></FORM>
    The problem is, when I press the first 'Go' to allow the user to log-in or be denied access.. nothing actually happens.

    Any ideas?

    Thanks.

    Mak

  21. #146
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Umm... First I'd change the start to something that actually checks to see if a session has previously been set it's self; and not through $_POST as you've done, ie:

    PHP Code:
    if(!isset($_SESSION['Email'])) {
    $_SESSION['Email'] = '';
    }

    And then set this session to hold the email once the FORM has been submitted; although in your case you've used an IMG - does the script work before you used an IMG ? If not then remove the IMG with a normal SUBMIT button, which leads me to this to check for FORM submission;

    PHP Code:
    .
    .
    # place after session script I have above
    if(!isset($_POST['SUBMITFORM'])) {
    ?>
    <!-- display FORM here -->
    <?php
    }
    else {
    $_SESSION['Email'] = (string) $_POST['Email'];
    }
    .
    # rest of script
    Now, remember to have the session part on every page where you need the Email ? As to how and why your FORM isn't being submitted as is (ie using IMG) I don't know since I never use IMGs anyway for FORM submission... although I suspect from what I've read you need to give an x and y co-ord or x/y variable ? Not too sure there;

    Anyway, remove the IMG with a normal SUBMIT button and see how it goes ? Hope this'll help...

  22. #147
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi

    Okay, I take it then that I do not need to store their password in their session?

    I have done as you said and that seems to work in that it tells me when I press 'Login' if access is denied.

    However, at the bottom of the page, regardless, it prints the 'Access Denied' part from the following code:
    PHP Code:
    <?php
    ..
    </
    html>
    }
    else { 
    $_SESSION['Email'] = (string) $_POST['Email']; 


    dbConnect("pa" ); 
    $sql "SELECT * FROM members WHERE 
    mEmail = '
    $EMail' AND mPassword = PASSWORD('$Password')"
    $result mysql_query($sql); 
    if (!
    $result) { 
    error('A database error occurred while checking your '
    'login details.\\nIfhis error persists, please '
    'contact [email=you@example.com.']you@example.com.'[/email]); 
    }
    if (mysql_num_rows($result) == 0) { 
    unset($_SESSION['
    EMail']); 
    ?> 
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
    "[url=http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd]http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd[/url]"> 
    <html xmlns="[url=http://www.w3.org/1999/xhtml]http://www.w3.org/1999/xhtml[/url]"> 
    <head> 
    <title> Access Denied </title> 
    <meta http-equiv="Content-Type" 
    content="text/html; charset=iso-8859-1" /> 
    </head> 
    <body> 
    <h1> Access Denied </h1> 
    <p>Your user ID or password is incorrect, or you are not a 
    registered user on this site. To try logging in again, click 
    <a href="<?=$_SERVER['
    PHP_SELF']?>">here</a>. To register for instant 
    access, click <a href="join.php">here</a>.</p> 
    </body> 
    </html> 
    <?php 
    exit; 
    }
    ?>
    Any ideas?

    Thanks.

    Mak [img]images/smilies/smile.gif[/img]

  23. #148
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Going to get some sleep now; although I store password, username and ID to sessions,... look at your script later ? To suggest that your getting the Access Denied though could be the condition ? Maybe a brace out of place somewhere... ? ZZzzz... Yawn

  24. #149
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question Still not sure..

    Hi

    I'm still not sure where I am going wrong. What I have is as follows:
    PHP Code:
    ?php // index.php 
    session_start();
    include_once './inc/db.inc';

    $uid = isset($_POST['EMail']) ? $_POST['EMail'] : $_SESSION['EMail']; 
    $pwd = isset($_POST['Password']) ? $_POST['Password'] : $_SESSION['Password'];

    if(!isset($_SESSION['EMail'])) { 
    $_SESSION['EMail'] = ''; 


    if(!isset($_POST['SUBMITFORM'])) { 
    ?> 
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <html>
    <head>
    <title>...

    </html>
    <?php
    }
    else { 
    $_SESSION['EMail'] = (string) $_POST['EMail']; 
    $_SESSION['Password'] = (string) $_POST['Password']; 


    dbConnect("pa"); 
    $sql "SELECT * FROM members WHERE 
           mEmail = '
    $EMail' AND mPassword = PASSWORD('$Password')"
    $result mysql_query($sql); 
    if (!
    $result) { 
     
    error('A database error occurred while checking your '
           
    'login details.\\nIfhis error persists, please '
           
    'contact [email]you@example.com[/email].'); 
    }

    if (
    mysql_num_rows($result) == 0) { 
     unset(
    $_SESSION['EMail']); 
     
    ?> 
      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
       "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
     <html xmlns="http://www.w3.org/1999/xhtml"> 
     <head> 
     <title> Access Denied </title> 
     <meta http-equiv="Content-Type" 
       content="text/html; charset=iso-8859-1" /> 
     </head> 
     <body> 
     <h1> Access Denied </h1> 
     <p>Your user ID or password is incorrect, or you are not a 
        registered user on this site. To try logging in again, click 
        <a href="<?=$_SERVER['PHP_SELF']?>">here</a>. To register for instant 
        access, click <a href="join.php">here</a>.</p> 
     </body> 
     </html> 
     <?php 
     
    exit; 
    }
    ?>
    Any ideas?

    Thanks.

    Mak
    Last edited by mak-uk; Jul 7, 2003 at 17:51.

  25. #150
    SitePoint Addict mak-uk's Avatar
    Join Date
    Dec 2001
    Location
    Midlands, UK
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Help..anyone..please?


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •