Need Help !! PLZ

[trixx]

hey erm im a kinda newbie to php have been using it for about 6 months and have ended up with a problem . I have got a site which i use for school but as the school is hooked up on a domain sometimes the different users cookies info displays and messes up . The script i am using is below if any person could help me or make me a login script which uses sessions instead of cookies and i am also able to extract username from sessions to help me fetch data from database

PHP Code:

<?php
// Connects to your Database
mysql_connect("dbhost", "dbuser", "dbpass") or die(mysql_error());
mysql_select_db("dbname") or die(mysql_error());

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
$total_regged=mysql_num_rows(mysql_query("SELECT * FROM users"));
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: feed.php");

}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=reg.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{

//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{

// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);

if (strip_tags($_POST['submit'])){
$timenow=time();
mysql_query("UPDATE users SET online='$timenow' WHERE username='$username'");
mysql_query("UPDATE users SET ghostmode='$timenow' WHERE username='$username'");
}

if (strip_tags($_POST['submit'])){
$last=$_SERVER['REMOTE_ADDR'];
mysql_query("UPDATE users SET last='$last' WHERE username='$username'");
}

//then redirect them to the members area
header("Location: feed.php");
}
}
}
else
{

// if they are not logged in
}
?>

this is what i am currently using on my pages to give you an idea on what im stuck on

PHP Code:

<?php
// Connects to your Database
mysql_connect("dbhost", "dbuser", "dbpass") or die(mysql_error());
mysql_select_db("dbname") or die(mysql_error());

if(isset($_COOKIE['ID_my_site']))
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
if ($pass != $info['password'])
{("Location : index.php");
}
$fetch=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'"));
$metch=mysql_fetch_object(mysql_query("SELECT * FROM messages WHERE user_to='all'"));
$newpoints=$fetch->index2+1;
mysql_query("UPDATE visits SET index2='$newpoints' WHERE username='$username'");
?>

i need the $username= thing so i could extract the username and other info and echo it using sessions instead of cookies could anyone help me plz also how wud i go about including bbcode into my pages

thanks in advance

[mic2100]

there will be a few changes u need to do to achieve this

first you gotta take away all references to $_COOKIE and replace them with $_SESSION, then change...

PHP Code:

setcookie(ID_my_site, $_POST['username'], $hour); 
setcookie(Key_my_site, $_POST['pass'], $hour); 


to...

PHP Code:

$_SESSION['ID_my_site'] = $_POST['username']; 
$_SESSION['Key_my_site'] = $_POST['pass']; 


you must do this with any references to setcookie()

you will need to change all of these throughout the whole site for it to work correctly.
also i have found that session garbage collection or webservers can be done quite quickly some times, i wud recommend that you create a manual location to store sessions (outside of the root if possible), you do this like so...

PHP Code:

ini_set("session.save_path", $_SERVER['DOCUMENT_ROOT']."/sessions"); //sets the save path for the session variables 
ini_set("session.gc_maxlifetime", "10000"); //sets the lifetime of the session before it removed.
session_start(); 


[BoltZ]

Are you talking about a login script that logs the person out when they close the browser?

[trixx]

this is not working for me as the code i need is for me to use the session information to display user info

e.g.

PHP Code:

);
}
$fetch=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'")); 


This is the code i will use to fetch the data from that specified username

For the moment i am using cookies so my $username bit is this

PHP Code:

]))
$username = $_COOKIE['ID_my_site']; 


i want to get rid of cookies and use sessions but still be able to do this

PHP Code:

$username = get_info_from_session

echo $fetch->username 


something along these lines

[mic2100]

to access the elements of the session u need to access them like this...

PHP Code:

$username = $_SESSION['ID_my_site']; 


[trixx]

k but would i have to lyk have a session start at the beginnin if i did how wud i go about doin that also hw wud i go about puttin bbcode in my pages

e.g if sum1 ryts sumfin in a text box which gets updated into their data hw wud i display it on their profile page

e.g

textbox [img]url[/img]

to be displayed on profile as image

[mic2100]

if you are wanting to do BB code i suggest downloading a BBcode converter

this is one i found on google but there are loads out there...
http://www.iceteks.com/articles.php/javascript2/3

[trixx]

k wot about my other problem