CodingForums.com - View Single Post

trixx · 09-11-2008, 11:32 PM

hey erm im a kinda newbie to php have been using it for about 6 months and have ended up with a problem . I have got a site which i use for school but as the school is hooked up on a domain sometimes the different users cookies info displays and messes up . The script i am using is below if any person could help me or make me a login script which uses sessions instead of cookies and i am also able to extract username from sessions to help me fetch data from database

PHP Code:


			
<?php

// Connects to your Database

mysql_connect("dbhost", "dbuser", "dbpass") or die(mysql_error());

mysql_select_db("dbname") or die(mysql_error());



//Checks if there is a login cookie

if(isset($_COOKIE['ID_my_site']))



//if there is, it logs you in and directes you to the members page

{

$username = $_COOKIE['ID_my_site'];

$pass = $_COOKIE['Key_my_site'];

$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());

$total_regged=mysql_num_rows(mysql_query("SELECT * FROM users"));

while($info = mysql_fetch_array( $check ))

{

if ($pass != $info['password'])

{

}

else

{

header("Location: feed.php");



}

}

}



//if the login form is submitted

if (isset($_POST['submit'])) { // if form has been submitted



// makes sure they filled it in

if(!$_POST['username'] | !$_POST['pass']) {

die('You did not fill in a required field.');

}

// checks it against the database



if (!get_magic_quotes_gpc()) {

$_POST['email'] = addslashes($_POST['email']);

}

$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist

$check2 = mysql_num_rows($check);

if ($check2 == 0) {

die('That user does not exist in our database. <a href=reg.php>Click Here to Register</a>');

}

while($info = mysql_fetch_array( $check ))

{



//gives error if the password is wrong

if ($_POST['pass'] != $info['password']) {

die('Incorrect password, please try again.');

}

else

{



// if login is ok then we add a cookie

$_POST['username'] = stripslashes($_POST['username']);

$hour = time() + 3600;

setcookie(ID_my_site, $_POST['username'], $hour);

setcookie(Key_my_site, $_POST['pass'], $hour);



if (strip_tags($_POST['submit'])){

$timenow=time();

mysql_query("UPDATE users SET online='$timenow' WHERE username='$username'");

mysql_query("UPDATE users SET ghostmode='$timenow' WHERE username='$username'");

}



if (strip_tags($_POST['submit'])){

$last=$_SERVER['REMOTE_ADDR'];

mysql_query("UPDATE users SET last='$last' WHERE username='$username'");

}



//then redirect them to the members area

header("Location: feed.php");

}

}

}

else

{



// if they are not logged in

}

?>

this is what i am currently using on my pages to give you an idea on what im stuck on

PHP Code:


			
<?php

// Connects to your Database

mysql_connect("dbhost", "dbuser", "dbpass") or die(mysql_error());

mysql_select_db("dbname") or die(mysql_error());



if(isset($_COOKIE['ID_my_site']))

$username = $_COOKIE['ID_my_site'];

$pass = $_COOKIE['Key_my_site'];

$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());

while($info = mysql_fetch_array( $check ))

if ($pass != $info['password'])

{("Location : index.php");

}

$fetch=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'"));

$metch=mysql_fetch_object(mysql_query("SELECT * FROM messages WHERE user_to='all'"));

$newpoints=$fetch->index2+1;

mysql_query("UPDATE visits SET index2='$newpoints' WHERE username='$username'");

?>

i need the $username= thing so i could extract the username and other info and echo it using sessions instead of cookies could anyone help me plz also how wud i go about including bbcode into my pages

thanks in advance

09-11-2008, 11:32 PM	PM User \| #1
trixx New Coder Join Date: Sep 2008 Posts: 94 Thanks: 4 Thanked 0 Times in 0 Posts	Need Help !! PLZ hey erm im a kinda newbie to php have been using it for about 6 months and have ended up with a problem . I have got a site which i use for school but as the school is hooked up on a domain sometimes the different users cookies info displays and messes up . The script i am using is below if any person could help me or make me a login script which uses sessions instead of cookies and i am also able to extract username from sessions to help me fetch data from database PHP Code: <?php // Connects to your Database mysql_connect("dbhost", "dbuser", "dbpass") or die(mysql_error()); mysql_select_db("dbname") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); $total_regged=mysql_num_rows(mysql_query("SELECT * FROM users")); while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: feed.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] \| !$_POST['pass']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=reg.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { //gives error if the password is wrong if ($_POST['pass'] != $info['password']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['pass'], $hour); if (strip_tags($_POST['submit'])){ $timenow=time(); mysql_query("UPDATE users SET online='$timenow' WHERE username='$username'"); mysql_query("UPDATE users SET ghostmode='$timenow' WHERE username='$username'"); } if (strip_tags($_POST['submit'])){ $last=$_SERVER['REMOTE_ADDR']; mysql_query("UPDATE users SET last='$last' WHERE username='$username'"); } //then redirect them to the members area header("Location: feed.php"); } } } else { // if they are not logged in } ?> this is what i am currently using on my pages to give you an idea on what im stuck on PHP Code: <?php // Connects to your Database mysql_connect("dbhost", "dbuser", "dbpass") or die(mysql_error()); mysql_select_db("dbname") or die(mysql_error()); if(isset($_COOKIE['ID_my_site'])) $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) if ($pass != $info['password']) {("Location : index.php"); } $fetch=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'")); $metch=mysql_fetch_object(mysql_query("SELECT * FROM messages WHERE user_to='all'")); $newpoints=$fetch->index2+1; mysql_query("UPDATE visits SET index2='$newpoints' WHERE username='$username'"); ?> i need the $username= thing so i could extract the username and other info and echo it using sessions instead of cookies could anyone help me plz also how wud i go about including bbcode into my pages thanks in advance