Page 1 of 1

Help with php sessions

Posted: Sat Jun 19, 2010 4:39 am
by BinaryBird
Hi, i am trying to create a registration page. But i want users to access this page only validating their id not be able to access it directly.
Say my landing page is home.php , i have a id field here where users can enter their id. I can check if this id exists in the db and if so take them to register.php where they can enter their details . But they should not be able to access the register page directly.

A friend of mine tried to help me with this. He is using sessions.

Here is the code for the home page

Code: Select all

<?php
        session_start();
        require_once('connection.php');
       if(!isset($_SESSION['id']))
     {
        if(isset($_POST['submit']))
        {
            $id = $_POST['id'];


           if(!empty($id))
           {
                $query = "SELECT * FROM studentids where usn='".$id."'"; /* Please change the tablename and id column name here*/
                $result = mysqli_query($conn,$query);
                 while ($row = mysqli_fetch_array($result))
                   {
                      $tid = $row['usn'];            /* If Column Name is not id then you need to make changes here */

                   }
              if($tid == $id)
              {
                $row = mysqli_fetch_array($result);
                $_SESSION['id'] = $id;


                setcookie('id', $row['id'], time()+(60*60*24*30));
                $url = 'http://www.googlewaveindia.com/';
                $url .= 'shantanu/apps/register.php';                /*Change the path to redirect into register.php  */
                header('Location: ' . $url);
              }

              else
              {
                echo '<p class="error">Sorry,You must enter a valid ID to log in.</p>';
              }

           }
         else
         {
                echo '<p class="error">Sorry,You must enter your ID to log in.</p>';
         }

        }
     }


 ?>
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
  <title>Validation</title>
</head>

<body>
      <form id="createaccount" name="createaccount" action="register.php" method="post" >
      ID:<input type="text" name="id"  id="id" size="30" value="" />
      <input style="width:19em" id="submit"  name="submit" type="submit" value='Validate' />
      </form>
</body>
</html>
This is not validating.

Here is the link : http://www.googlewaveindia.com/shantanu ... gister.php

could some one tell me what could be wrong? Thanks.

Re: Help with php sessions

Posted: Sat Jun 19, 2010 8:56 am
by Phoenixheart
I see a "header already sent" error. Make sure you don't output anything to the browser before calling session_start(). Apparently there's a "<br />" tag there that breaks the code.

Re: Help with php sessions

Posted: Sat Jun 19, 2010 5:06 pm
by BinaryBird
If i remove the session_start() from the code, i donot get this error. But i dont see any other code before this statement. I am not sending anything more to the browser. I could find the " that you mentioned which is breaking the code.

Code: Select all

 <?php // require_once('./startsession.php');

  if (!isset($_SESSION['id'])) {
       echo '<p class="login">Please <a href="newregister.php">log in</a> to access this page.</p>';   /* Change the path of the newregister.php page if needed   */
             exit();
  } ?>
<?php
/*
	Google App User Registration
	Version 1.0
	Copyright(C) 2010 - Yifan Lu

	Design and web page code Copyright(C) 2010 Google

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

// SETTINGS: PLEASE SET!
$googleDomain = ""; // no www
$adminUsername = ""; // no @example.com, must have permissions to create users
$adminPassword = ""; // PLEASE KEEP THIS SCRIPT SAFE, CHMOD IT TO BE SECURE

$companyName = "";
$logoURL = "https://mail.google.com/mail/help/images/logo2.gif"; // 143x59
// END OF SETTINGS

require_once('./createGoogleAppUser.php');

// Check to see if a form has been submitted
if(isset($_POST['submitbutton']))
{
	// Get submitted data

	$firstName = $_POST['FirstName'];
	$lastName = $_POST['LastName'];
	$username = $_POST['Email'];
	$password = $_POST['Passwd'];
	$confirm = $_POST['PasswdAgain'];




	// Check password
	if(strlen($password) < 8) {
		$result = "Password is too short.";
	}elseif($password != $confirm) {
		$result = "Passwords does not match!";
	}else{
		// Create a new CreateGoogleAppUser object

		// Option 1 (Recommended): Automatic mode
		$googleApps = new CreateGoogleAppUser($googleDomain, $adminUsername, $adminPassword);

		// Option 2 (Advanced): Manual mode (Manual mode allows additional settings to be specified)
		/*
		$googleApps = new CreateGoogleAppUser();
		$googleApps->googleDomain = $googleDomain;
		$googleApps->adminUsername = $adminUsername;
		$googleApps->adminPassword = $adminPassword;
		$googleApps->login();
		*/

		// Create the user
		$result = $googleApps->createUser($firstName, $lastName, $username, $password);
	}

	if($result === true) // Result is the boolean TRUE, therefore we can redirect to login
	{
		header('Location: https://www.google.com/a/'.$googleDomain.'/ServiceLogin');
		exit;
    }
    }

?>
<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
  <title>Create an Account</title>
  <style type="text/css"><!--


    body {
      font-family: arial, sans-serif;
      margin: 0;
      padding: 13px 15px 15px;

    }
    .body {
      margin: 0;
    }
    div.errorbox-good {}

    div.errorbox-bad {}

    div.errormsg { color: red; font-size: smaller; font-family: arial,sans-serif;}
    font.errormsg { color: red; font-size: smaller; font-family: arial,sans-serif;}


    div.topbar {
      font-size:smaller;
      margin-right: -5px;
      text-align:right;
      white-space:nowrap;
    }
    div.header {
      margin-bottom: 9px;
      margin-left: -2px;
      position:relative;
      zoom: 1
    }
    div.header img.logo {
      border: 0;
      float:left;
    }
    div.header div.headercontent {
      float:right;
      margin-top:17px;
    }
    div.header:after{
      content:".";
      display:block;
      height:0;
      clear:both;
      visibility:hidden;
    }
    div.pagetitle {
      font-weight:bold;
    }

    .footer {
      color: #666;
      font-size: smaller;
      margin-top: 40px;
      text-align: center;
    }

    table#signupform {
      left: -5px;
      top: -7px;
      position:relative;
    }
    table#signupform td{
      padding: 7px 5px;
    }
    table#signupform td table td{
      padding: 1px;
    }






  --></style>
</head>
<style type="text/css"><!--


  .gaia.ops.gsl { font-family: arial, sans-serif; color: #3366cc; font-weight: bold;}


  .gaia.sub.el { font-family: arial, sans-serif; font-size: smaller; font-weight: bold;}
  .gaia.sub.pl { font-family: arial, sans-serif; font-size: smaller; font-weight: bold; }
  .gaia.sub.rpl { font-family: arial, sans-serif; font-size: smaller; font-weight: bold; }
  .gaia.sub.es { font-family: arial, sans-serif; font-size: smaller; font-style: italic; }
  .gaia.sub.seex { font-family: arial, sans-serif; font-size: smaller; color: #6f6f6f; }
  .gaia.sub.pc { font-family: arial,sans-serif; font-size: smaller; color: #6f6f6f; }


   .gaia.cca.al { font-family: arial, sans-serif; font-size: smaller; font-weight: bold;}
  .gaia.cca.ol { font-family: arial, sans-serif; font-size: x-small;}
  .gaia.cca.cmt { font-family: arial, sans-serif; font-size: smaller; color: #6f6f6f; }


   .gaia.cud.cl { font-family: arial, sans-serif; font-size: smaller; font-weight: bold;}


  .gaia.captchahtml.desc { font-family: arial, sans-serif; font-size: smaller; }
  .gaia.captchahtml.cmt { font-family: arial, sans-serif; font-size: smaller; color: #6f6f6f; }

--></style>
  <body bgcolor="#ffffff"
        text="#000000"
        link="#0000cc"
        vlink="#551a8b"
        alink="#ff0000"
        dir='ltr'
        >
<table width=95% border=0 align=center cellpadding=0 cellspacing=0>
  <tr valign=top>
  <td width=1%>
  <img src="<?php echo $logoURL; ?>" border=0 width=143 height=59 alt="<?php echo $companyName; ?>" align=left vspace=10/>
  </td>
  <td width=99% bgcolor=#ffffff valign=top>
  <table width=100% cellpadding=1>
  <tr valign=bottom>
  <td><div align=right>&nbsp;</div></td>
  </tr>
  <tr>
  <td nowrap=nowrap>
  <table width=100% align=center cellpadding=0 cellspacing=0 bgcolor=#C3D9FF style=margin-bottom:5>
  <tr>
  <td class="bubble tl" align=left valign=top><div class="SPRITE_corner_tl" /></td>
  <td class=bubble rowspan=2 style="font-family:arial;text-align:left;font-weight:bold;padding:5 0"><b>Create a <?php echo $companyName; ?> Account</b></td>
  <td class="bubble tr" align=right valign=top><div class="SPRITE_corner_tr" /></td>
  </tr>
  <tr>
  <td class="bubble bl" align=left valign=bottom><div class="SPRITE_corner_bl" /></td>
  <td class="bubble br" align=right valign=bottom><div class="SPRITE_corner_br" /></td>
  </tr>
  </table>
  </td>
  </tr>
  </table>
  </td>
  </tr>
</table>
  <div class="body">
  <h3>
  Create an Account
</h3>
<table width="700">
  <tr>
  <td>
  <font size="-1">
  Your <?php echo $companyName; ?> Account gives you access to Gmail and <a href="http://www.google.com/help/faq_accounts.html" target="_blank">other Google services</a>.
  </font>
  <font size="-1">
  If you already have a <?php echo $companyName; ?> Account, you can <a href='https://www.google.com/a/<?php echo $googleDomain; ?>/ServiceLogin' >sign in here</a>.
  </font>
  </td>
  </tr>
</table>
<br/>
  <form id="createaccount" name="createaccount" action="register.php"
             method="post"">
  <table cellpadding="2" bgcolor="white" cellspacing="0" border="0" width="1%">
  <tr><td>
  <table bgcolor="#cbdced" border="0" cellpadding="2" cellspacing="0"
           width="1%">
  <tr><td>
  <table bgcolor="#eeeeee" border="0" cellpadding="2"
                cellspacing="0" width="100%">
  <tr><td bgcolor="#ffffff" valign="top"  align="center">
  <table cellspacing="0" cellpadding="5" width="100%"
                  bgcolor="#ffffff" border="0">
  <tr>
  <td colspan="2" valign="top">
  <span class="gaia ops gsl">
  Get started with <?php echo $companyName; ?>
  <br/>
  </span>
  <div class="errormsg" id="errormsg">
  <?php echo $result; ?>
  </div>
  </td>
  </tr>

  <tr id='AttrRowFirstName' style='display: table-row'>
  <td nowrap="nowrap" valign="top" id='AttrLabelCellFirstName'>
  <span class="gaia cca al">
  First name:
  </span>
  </td>
   <td id='AttrLabelCellFirstName'>
  <script type="text/javascript"><!--
              function openWindow(url, w, h) {
                var popupWin =
                  window.open(url, 'windowname',
                  'width=' + w + ', height=' + h + ', location=no, menubar=no, status=no, toolbar=no, scrollbars=yes, resizable=yes');
              }
             --></script>

  <div>
  <input type="text" name="FirstName"  id="FirstName"
  size="30" value="<?php echo htmlspecialchars($firstName); ?>" />
  </div>
  </td>
  </tr>
  <tr id='AttrRowLastName' style='display: table-row'>
  <td nowrap="nowrap" valign="top" id='AttrLabelCellLastName'>
  <span class="gaia cca al">
  Last name:
  </span>
  </td>
  <td id='AttrLabelCellLastName'>
  <script type="text/javascript"><!--
              function openWindow(url, w, h) {
                var popupWin =
                  window.open(url, 'windowname',
                  'width=' + w + ', height=' + h + ', location=no, menubar=no, status=no, toolbar=no, scrollbars=yes, resizable=yes');
              }
             --></script>
  <div>
  <input type="text" name="LastName"  id="LastName"
  size="30" value="<?php echo htmlspecialchars($lastName); ?>"


  />
  </div>
  </td>
  </tr>
<tr>
  <td valign="top" nowrap="nowrap">
  <font size="-1" face="Arial, sans-serif"><b>
  Desired Login Name:
  </b></font>
  <b>&nbsp;</b>
  </td>
  <td nowrap="nowrap">
  <table border="0" dir="ltr">
  <tr>
  <td dir="ltr">
  <bdo dir="ltr">
  <div>
  <div id="googleIdTextfield" style="display:block">
  <input type="text" name="Email"  id="Email"
  size="30" value="<?php echo htmlspecialchars($username); ?>"


  />
  </div>
  </div>
  </bdo>
  <div id="googleIdExampleTextDiv" style="display:block;" align="left">
  <font size="-1" face="Arial, sans-serif" color="#6f6f6f">
  Examples: JSmith, John.Smith
  </font>
  </div>
  <div id="googleIdCheckAvailDiv" style="display:none;">
<div id="errorDIV">
  <font size="-1" face="Arial, sans-serif">
  <br>
  <table cellpadding="0" cellspacing="0">
  <tr><td>
  </td></tr>
  </table>
  </font>
</div>
  </td>
  <td valign="top" nowrap="nowrap">
  <bdo dir="ltr">
  <font size="-1" face="Arial, sans-serif">
  <i>@<?php echo $googleDomain; ?></i>
  </font>
  </bdo>
  </td>
  </tr>
  </table>
  </td>
</tr>
  <tr>
  <td valign="top" width="1%" nowrap="nowrap">
  <font size="-1" face="Arial, sans-serif"><b>
  Choose a password:
  &nbsp;&nbsp;</b></font>
  </td>
  <td valign="top">
  <table cellpadding="0" bgcolor="#ffffff" cellspacing="0" border="0">
  <tbody>
  <tr>
  <td valign="top">
  <div>
  <input type="password"
   name="Passwd" id="Passwd"
  size="30"

  />
  </div>
  <font size="-1" face="arial,sans-serif" color="#6f6f6f">
  Minimum of 8 characters in length.
  </font>
  </td>
  </tr>
  </tbody>
  </table>
  </td>
  </tr>
  <tr>
  <td valign="top"  nowrap="nowrap">
  <font size="-1" face="Arial, sans-serif"><b>
  Re-enter password:
  </b>
  </font>
  </td>
  <td>
  <div>
  <input type="password"
   name="PasswdAgain" id="PasswdAgain"
  size="30"




  />
  </div>
  </td>
  </tr>
  <tr>
  <td colspan="1">
  &nbsp;
  </td>
  <td colspan="1" align="center">
  <input style="width:19em"
                     id="submitbutton"
                     name="submitbutton" type="SUBMIT"
                     value='Create my account.' />
  </td>
  </tr>
  </table>
  </td></tr>
  </table>
  </td>
  </tr>
  </table>
  </td></tr>
  </table>
  </form>

  </div>
  <table width=95% align=center cellpadding=3 cellspacing=0 bgcolor=#C3D9FF style=margin-bottom:5>
  <tr>
  <td class="bubble tl" align=left valign=top><div class="SPRITE_corner_tl" /></td>
  <td class=bubble rowspan=2 style=text-align:left>
  <div align=center>
  <font size=-1 color=#666666>&copy;2010 Google</font>
  </div>
  </td>
  <td class="bubble tr" align=right valign=top><div class="SPRITE_corner_tr" /></td>
  </tr>
  <tr>
  <td class="bubble bl" align=left valign=bottom><div class="SPRITE_corner_bl" /></td>
  <td class="bubble br" align=right valign=bottom><div class="SPRITE_corner_br" /></td>
  </tr>
</table>

  </body>
</html>
Or is there any other way to go to this page (register.php) on successful validation of an id from the db in the newregister.php page ? Kindly help me as i an new to php.

The script is to create google apps accounts through a php script. I wanted to add some kind of validation before that.

Re: Help with php sessions

Posted: Mon Jun 21, 2010 10:42 am
by Phoenixheart
There was a mistake in my previous post. What I meant was, I see a

Code: Select all

<br />
in the page source. Check if you accidentally print it out somewhere - the included files maybe.