The codes can support PHP 4 and 5. I'm using a later version of XAMMP 1.6.5.
I have no problems with the database in adding users. The only problem is when I try to login the users that I have made.
I can't seem to find the problem with the code, I have had helped in constructing these though for I am just yet a beginner in coding php.
Code: Select all
<?php
/*********************************************************************************
* Filename: Login.php
* PHP 4.0 build
*********************************************************************************/
//-------------------------------
// Login CustomIncludes begin
include ("./common.php");
include ("./Header.php");
include ("./Footer.php");
// Login CustomIncludes end
//-------------------------------
session_start();
//===============================
// Save Page and File Name available into variables
//-------------------------------
$sFileName = "Login.php";
//===============================
//===============================
// Login PageSecurity begin
// Login PageSecurity end
//===============================
//===============================
// Login Open Event begin
// Login Open Event end
//===============================
//===============================
// Login OpenAnyPage Event start
// Login OpenAnyPage Event end
//===============================
//===============================
//Save the name of the form and type of action into the variables
//-------------------------------
$sAction = get_param("FormAction");
$sForm = get_param("FormName");
//===============================
// Login Show begin
//===============================
// Perform the form's action
//-------------------------------
// Initialize error variables
//-------------------------------
$sLoginErr = "";
//-------------------------------
// Select the FormAction
//-------------------------------
switch ($sForm) {
case "Login":
Login_action($sAction);
break;
}
//===============================
//===============================
// Display page
//===============================
// HTML Page layout
//-------------------------------
?><html>
<head>
<title>CS Online Rent-a-Car</title>
<meta name="GENERATOR" content="CS">
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"></head>
<body style="background-color: #FFFFFF; color: #000000; font-family: Arial, Tahoma, Verdana, Helveticabackground-color: #FFFFFF; color: #000000; font-family: Arial, Tahoma, Verdana, Helvetica">
<center>
<table>
<tr>
<td valign="top"><html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>CS Online Rent-a-Car</title>
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_preloadImages() { //v3.0
var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
function MM_swapImgRestore() { //v3.0
var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_findObj(n, d) { //v4.01
var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { //v3.0
var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
//-->
</script>
</head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" onLoad="MM_preloadImages('images/mazda6_1.jpg','images/home_2.jpg','images/aboutus_2.jpg','images/contactus_2.jpg')">
<table width="778" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><img src="images/header1.jpg" width="778" height="110"></td>
</tr>
</table>
<table width="778" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="55"><img src="images/header2.jpg" width="55" height="43"></td>
<td width ="17"><a href="default.php" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('home','','images/home_2.jpg',1)"><img src="images/home_1.jpg" alt="home" name="home" width="63" height="43" border="0"></a></td>
<td width ="114" valign="middle"><a href="about.php" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('aboutphilmar','','images/aboutus_2.jpg',1)"><img src="images/aboutus_1.jpg" alt="aboutphilmar" name="aboutphilmar" width="114" height="43" border="0"></a></td>
<td width ="111"><a href="contact.php" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('contactus','','images/contactus_2.jpg',1)"><img src="images/contactus_1.jpg" alt="contactus" name="contactus" width="108" height="43" border="0"></a></td>
<td width ="455"><img src="images/header3.jpg" width="438" height="43"></td>
</tr>
</table>
<table width="778" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="55"><img src="images/header4.jpg" width="55" height="48"></td>
<td> </td>
<td width="438"><img src="images/header5.jpg" width="438" height="48"></td>
</tr>
</table>
</body>
</html>
<?php Menu_show() ?>
</td>
</tr>
</table>
</center>
<table width="760" align="center">
<tr>
<td align="center">
<hr color="#800000"><center>
<table>
<tr>
<td valign="top">
<?php Login_show() ?>
</td>
</tr>
</table>
<hr color="#800000" width="60%">
</td>
</tr>
</table>
<center>
<table>
<tr>
<td valign="top">
<?php Footer_show() ?>
</td>
</tr>
</table>
</center>
</body>
</html>
<?php
// Login Show end
//===============================
// Login Close Event begin
// Login Close Event end
//===============================
//********************************************************************************
//===============================
// Login Form Action
//-------------------------------
function Login_action($sAction)
{
global $db;
global $sLoginErr;
global $sFileName;
global $styles;
switch(strtolower($sAction))
{
case "login":
//-------------------------------
// Login Login begin
//-------------------------------
$sLogin = get_param("Login");
$sPassword = get_param("Password");
$db->query("SELECT member_id,member_level FROM members WHERE member_login =" . tosql($sLogin, "Text") . " AND member_password=" . tosql($sPassword, "Text"));
$is_passed = $db->next_record();
//-------------------------------
// Login OnLogin Event begin
// Login OnLogin Event end
//-------------------------------
if($is_passed)
{
//-------------------------------
// Login and password passed
//-------------------------------
set_session("UserID", $db->f("member_id"));
set_session("UserRights", $db->f("member_level"));
$sPage = get_param("ret_page");
if (strlen($sPage))
header("Location: " . $sPage);
else
header("Location: Reservation.php");
}
else
{
$sLoginErr = "Login or Password is incorrect.";
}
//-------------------------------
// Login Login end
//-------------------------------
break;
case "logout":
//-------------------------------
// Logout action
//-------------------------------
//-------------------------------
// Login Logout begin
//-------------------------------
//-------------------------------
// Login OnLogout Event begin
// Login OnLogout Event end
//-------------------------------
session_unregister("UserID");
session_unregister("UserRights");
if(strlen(get_param("ret_page")))
header("Location:" . $sFileName . "?ret_page=" . urlencode(get_param("ret_page")));
else
header("Location:" . $sFileName);
//-------------------------------
// Login Logout end
//-------------------------------
break;
}
}
//===============================
//===============================
// Display Login Form
//-------------------------------
function Login_show()
{
global $sLoginErr;
global $db;
global $sFileName;
global $styles;
$querystring = get_param("querystring");
$ret_page = get_param("ret_page");
$sFormTitle = "Enter username and password";
//-------------------------------
// Login Show begin
//-------------------------------
//-------------------------------
// Login Open Event begin
// Login Open Event end
//-------------------------------
?>
<table style="width:100%">
<form action="<?= $sFileName ?>" method="POST">
<input type="hidden" name="FormName" value="Login">
<tr><td style="background-color: #336699; text-align: Center; border-style: outset; border-width: 1" colspan="2"><font style="font-size: 10pt; color: #FFFFFF; font-weight: bold"><?=$sFormTitle?></font></td></tr>
<? if ($sLoginErr) { ?>
<tr><td colspan="2" style="background-color: #FFFFFF; border-width: 1"><font style="font-size: 10pt; color: #000000"><?= $sLoginErr ?></font></td></tr>
<? } ?>
<?
if(get_session("UserID") == "")
{
//-------------------------------
//- User is not logged in
//-------------------------------
?>
<tr><td style="background-color: #FFEAC5; border-style: inset; border-width: 0"><font style="font-size: 10pt; color: #000000">Login</font></td><td style="background-color: #FFFFFF; border-width: 1"><input type="text" name="Login" value="<?=tohtml(get_param("Login"))?>" maxlength="50"></td></tr>
<tr><td style="background-color: #FFEAC5; border-style: inset; border-width: 0"><font style="font-size: 10pt; color: #000000">Password</font></td><td style="background-color: #FFFFFF; border-width: 1"><input type="password" name="Password" maxlength="50"></td></tr>
<tr><td colspan="2">
<input type="hidden" name="FormAction" value="login">
<input type="submit" value="Login">
</td></tr>
<?
}
else
{
//-------------------------------
// User is logged in
//-------------------------------
$db->query("SELECT member_login FROM members WHERE member_id=". get_session("UserID"));
$db->next_record();
?>
<tr><td style="background-color: #FFFFFF; border-width: 1"><font style="font-size: 10pt; color: #000000"> <?= $db->f("member_login") ?></font>
<input type="hidden" name="FormAction" value="logout">
<input type="submit" value="Logout">
</td></tr>
<?
}
?>
<input type="hidden" name="ret_page" value="<?= $ret_page ?>"><input type="hidden" name="querystring" value="<?= $querystring ?>"></td></tr>
</form></table>
<?
//-------------------------------
// Login Close Event begin
// Login Close Event end
//-------------------------------
//-------------------------------
// Login Show end
//-------------------------------
}
//===============================
?>Code: Select all
<?php
/*********************************************************************************
* Filename: Registration.php
* PHP 4.0 build
*********************************************************************************/
//-------------------------------
// Registration CustomIncludes begin
include ("./common.php");
include ("./Header.php");
include ("./Footer.php");
// Registration CustomIncludes end
//-------------------------------
session_start();
//===============================
// Save Page and File Name available into variables
//-------------------------------
$sFileName = "Registration.php";
//===============================
//===============================
// Registration PageSecurity begin
// Registration PageSecurity end
//===============================
//===============================
// Registration Open Event begin
// Registration Open Event end
//===============================
//===============================
// Registration OpenAnyPage Event start
// Registration OpenAnyPage Event end
//===============================
//===============================
//Save the name of the form and type of action into the variables
//-------------------------------
$sAction = get_param("FormAction");
$sForm = get_param("FormName");
//===============================
// Registration Show begin
//===============================
// Perform the form's action
//-------------------------------
// Initialize error variables
//-------------------------------
$sRegErr = "";
//-------------------------------
// Select the FormAction
//-------------------------------
switch ($sForm) {
case "Reg":
Reg_action($sAction);
break;
}
//===============================
//===============================
// Display page
//===============================
// HTML Page layout
//-------------------------------
?><html>
<head>
<title>CS Online Rent-a-Car</title>
<meta name="GENERATOR" content="CS">
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"></head>
<body style="background-color: #FFFFFF; color: #000000; font-family: Arial, Tahoma, Verdana, Helveticabackground-color: #FFFFFF; color: #000000; font-family: Arial, Tahoma, Verdana, Helvetica">
<center>
<table>
<tr>
<td valign="top"><html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>CS Online Rent-a-Car</title>
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_preloadImages() { //v3.0
var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
function MM_swapImgRestore() { //v3.0
var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_findObj(n, d) { //v4.01
var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { //v3.0
var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
//-->
</script>
</head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" onLoad="MM_preloadImages('images/mazda6_1.jpg','images/home_2.jpg','images/aboutus_2.jpg','images/contactus_2.jpg')">
<table width="778" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><img src="images/header1.jpg" width="778" height="110"></td>
</tr>
</table>
<table width="778" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="55"><img src="images/header2.jpg" width="55" height="43"></td>
<td width ="17"><a href="default.php" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('home','','images/home_2.jpg',1)"><img src="images/home_1.jpg" alt="home" name="home" width="63" height="43" border="0"></a></td>
<td width ="114" valign="middle"><a href="about.php" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('aboutphilmar','','images/aboutus_2.jpg',1)"><img src="images/aboutus_1.jpg" alt="aboutphilmar" name="aboutphilmar" width="114" height="43" border="0"></a></td>
<td width ="111"><a href="contact.php" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('contactus','','images/contactus_2.jpg',1)"><img src="images/contactus_1.jpg" alt="contactus" name="contactus" width="108" height="43" border="0"></a></td>
<td width ="455"><img src="images/header3.jpg" width="438" height="43"></td>
</tr>
</table>
<table width="778" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="55"><img src="images/header4.jpg" width="55" height="48"></td>
<td> </td>
<td width="438"><img src="images/header5.jpg" width="438" height="48"></td>
</tr>
</table>
</body>
</html>
<?php Menu_show() ?>
</td>
</tr>
</table>
</center>
<table width="760" align="center">
<tr>
<td align="center">
<hr color="#800000"><center>
<table>
<tr>
<td valign="top">
<?php Reg_show() ?>
</td>
</tr>
</table>
<hr color="#800000" width="60%">
</td>
</tr>
</table>
<center>
<table>
<tr>
<td valign="top">
<?php Footer_show() ?>
</td>
</tr>
</table>
</center>
</body>
</html>
<?php
// Registration Show end
//===============================
// Registration Close Event begin
// Registration Close Event end
//===============================
//********************************************************************************
//===============================
// Action of the Record Form
//-------------------------------
function Reg_action($sAction)
{
//-------------------------------
// Initialize variables
//-------------------------------
global $db;
global $sForm;
global $sRegErr;
global $styles;
$bExecSQL = true;
$sActionFileName = "";
$sWhere = "";
$bErr = false;
$pPKmember_id = "";
$fldmember_login = "";
$fldmember_password = "";
$fldmember_password2 = "";
$fldfirst_name = "";
$fldlast_name = "";
$fldemail = "";
$fldaddress = "";
$fldphone = "";
$fldcard_type_id = "";
$fldcard_number = "";
//-------------------------------
//-------------------------------
// Reg Action begin
//-------------------------------
$sActionFileName = "Default.php";
//-------------------------------
// CANCEL action
//-------------------------------
if($sAction == "cancel")
{
//-------------------------------
// Reg BeforeCancel Event begin
// Reg BeforeCancel Event end
//-------------------------------
header("Location: " . $sActionFileName);
}
//-------------------------------
//-------------------------------
// Build WHERE statement
//-------------------------------
if($sAction == "update" || $sAction == "delete")
{
$pPKmember_id = get_param("PK_member_id");
if( !strlen($pPKmember_id)) return;
$sWhere = "member_id=" . tosql($pPKmember_id, "Number");
}
//-------------------------------
//-------------------------------
// Load all form fields into variables
//-------------------------------
$fldmember_login = get_param("member_login");
$fldmember_password = get_param("member_password");
$fldmember_password2 = get_param("member_password2");
$fldfirst_name = get_param("first_name");
$fldlast_name = get_param("last_name");
$fldemail = get_param("email");
$fldaddress = get_param("address");
$fldphone = get_param("phone");
$fldcard_type_id = get_param("card_type_id");
$fldcard_number = get_param("card_number");
//-------------------------------
// Validate fields
//-------------------------------
if($sAction == "insert" || $sAction == "update")
{
if(!strlen($fldmember_login))
$sRegErr .= "The value in field Username* is required.<br>";
if(!strlen($fldmember_password))
$sRegErr .= "The value in field Password* is required.<br>";
if(!strlen($fldmember_password2))
$sRegErr .= "The value in field Confirm Password* is required.<br>";
if(!strlen($fldfirst_name))
$sRegErr .= "The value in field First Name* is required.<br>";
if(!strlen($fldlast_name))
$sRegErr .= "The value in field Last Name* is required.<br>";
if(!strlen($fldemail))
$sRegErr .= "The value in field Email* is required.<br>";
if(!is_number($fldcard_type_id))
$sRegErr .= "The value in field Credit Card Type is incorrect.<br>";
if(strlen($fldmember_login) )
{
$iCount = 0;
if($sAction == "insert")
$iCount = get_db_value("SELECT count(*) FROM members WHERE member_login=" . tosql($fldmember_login, "Text"));
else if($sAction == "update")
$iCount = get_db_value("SELECT count(*) FROM members WHERE member_login=" . tosql($fldmember_login, "Text") . " and not(" . $sWhere . ")");
if($iCount > 0)
$sRegErr .= "The value in field Username* is already in database.<br>";
}
//-------------------------------
// Reg Check Event begin
if (get_param("member_password") != get_param("member_password2"))
$sRegErr .= "\nPassword and Confirm Password fields don't match";
// Reg Check Event end
//-------------------------------
if(strlen($sRegErr)) return;
}
//-------------------------------
//-------------------------------
// Create SQL statement
//-------------------------------
switch(strtolower($sAction))
{
case "insert":
//-------------------------------
// Reg Insert Event begin
// Reg Insert Event end
//-------------------------------
$sSQL = "insert into members (" .
"member_login," .
"member_password," .
"first_name," .
"last_name," .
"email," .
"address," .
"phone," .
"card_type_id," .
"card_number)" .
" values (" .
tosql($fldmember_login, "Text") . "," .
tosql($fldmember_password, "Text") . "," .
tosql($fldfirst_name, "Text") . "," .
tosql($fldlast_name, "Text") . "," .
tosql($fldemail, "Text") . "," .
tosql($fldaddress, "Text") . "," .
tosql($fldphone, "Text") . "," .
tosql($fldcard_type_id, "Number") . "," .
tosql($fldcard_number, "Text") .
")";
break;
case "update":
//-------------------------------
// Reg Update Event begin
// Reg Update Event end
//-------------------------------
$sSQL = "update members set " .
"member_login=" . tosql($fldmember_login, "Text") .
",member_password=" . tosql($fldmember_password, "Text") .
",first_name=" . tosql($fldfirst_name, "Text") .
",last_name=" . tosql($fldlast_name, "Text") .
",email=" . tosql($fldemail, "Text") .
",address=" . tosql($fldaddress, "Text") .
",phone=" . tosql($fldphone, "Text") .
",card_type_id=" . tosql($fldcard_type_id, "Number") .
",card_number=" . tosql($fldcard_number, "Text");
$sSQL .= " where " . $sWhere;
break;
}
//-------------------------------
//-------------------------------
// Reg BeforeExecute Event begin
// Reg BeforeExecute Event end
//-------------------------------
//-------------------------------
// Execute SQL statement
//-------------------------------
if(strlen($sRegErr)) return;
if($bExecSQL)
$db->query($sSQL);
header("Location: " . $sActionFileName);
//-------------------------------
// Reg Action end
//-------------------------------
}
//===============================
// Display Record Form
//-------------------------------
function Reg_show()
{
global $db;
global $sAction;
global $sForm;
global $sFileName;
global $sRegErr;
global $styles;
$fldmember_id = "";
$fldmember_login = "";
$fldmember_password = "";
$fldfirst_name = "";
$fldlast_name = "";
$fldemail = "";
$fldaddress = "";
$fldphone = "";
$fldcard_type_id = "";
$fldcard_number = "";
//-------------------------------
// Reg Show begin
//-------------------------------
$sFormTitle = "Registration";
$sWhere = "";
$bPK = true;
$scard_type_idDisplayValue = "";
?>
<table style="width:100%">
<form method="POST" action="<?= $sFileName ?>" name="Reg">
<tr><td style="background-color: #336699; text-align: Center; border-style: outset; border-width: 1" colspan="2"><font style="font-size: 10pt; color: #FFFFFF; font-weight: bold"><?=$sFormTitle?></font></td></tr>
<? if ($sRegErr) { ?>
<tr><td style="background-color: #FFFFFF; border-width: 1" colspan="2"><font style="font-size: 10pt; color: #000000"><?= $sRegErr ?></font></td></tr>
<? } ?>
<?
//-------------------------------
// Load primary key and form parameters
//-------------------------------
if($sRegErr == "")
{
}
else
{
$fldmember_id = strip(get_param("member_id"));
$fldmember_login = strip(get_param("member_login"));
$fldmember_password = strip(get_param("member_password"));
$fldfirst_name = strip(get_param("first_name"));
$fldlast_name = strip(get_param("last_name"));
$fldemail = strip(get_param("email"));
$fldaddress = strip(get_param("address"));
$fldphone = strip(get_param("phone"));
$fldcard_type_id = strip(get_param("card_type_id"));
$fldcard_number = strip(get_param("card_number"));
}
//-------------------------------
//-------------------------------
// Load all form fields
$fldmember_password2 = get_param("member_password2");
//-------------------------------
//-------------------------------
// Build WHERE statement
//-------------------------------
$pmember_id = get_session("UserID");
if( !strlen($pmember_id)) $bPK = false;
$sWhere .= "member_id=" . tosql($pmember_id, "Number");
//-------------------------------
//-------------------------------
// Reg Open Event begin
// Reg Open Event end
//-------------------------------
//-------------------------------
// Build SQL statement and execute query
//-------------------------------
$sSQL = "select * from members where " . $sWhere;
// Execute SQL statement
$db->query($sSQL);
$bIsUpdateMode = ($bPK && !($sAction == "insert" && $sForm == "Reg") && $db->next_record());
//-------------------------------
//-------------------------------
// Load all fields into variables from recordset or input parameters
//-------------------------------
if($bIsUpdateMode)
{
$fldmember_id = $db->f("member_id");
//-------------------------------
// Load data from recordset when form displayed first time
//-------------------------------
if($sRegErr == "")
{
$fldmember_login = $db->f("member_login");
$fldmember_password = $db->f("member_password");
$fldfirst_name = $db->f("first_name");
$fldlast_name = $db->f("last_name");
$fldemail = $db->f("email");
$fldaddress = $db->f("address");
$fldphone = $db->f("phone");
$fldcard_type_id = $db->f("card_type_id");
$fldcard_number = $db->f("card_number");
}
//-------------------------------
// Reg ShowEdit Event begin
// Reg ShowEdit Event end
//-------------------------------
}
else
{
if($sRegErr == "")
{
$fldmember_id = tohtml(get_session("UserID"));
}
//-------------------------------
// Reg ShowInsert Event begin
// Reg ShowInsert Event end
//-------------------------------
}
//-------------------------------
// Reg Show Event begin
// Reg Show Event end
//-------------------------------
//-------------------------------
// Show form field
//-------------------------------
?>
<tr>
<td style="background-color: #FFEAC5; border-style: inset; border-width: 0">
<font style="font-size: 10pt; color: #000000">Username*</font>
</td>
<td style="background-color: #FFFFFF; border-width: 1">
<font style="font-size: 10pt; color: #000000"><input type="text" name="member_login" maxlength="20" value="<?= tohtml($fldmember_login) ?>" size="20" ></font>
</td>
</tr>
<tr>
<td style="background-color: #FFEAC5; border-style: inset; border-width: 0">
<font style="font-size: 10pt; color: #000000">Password*</font>
</td>
<td style="background-color: #FFFFFF; border-width: 1">
<font style="font-size: 10pt; color: #000000"><input type="password" name="member_password" maxlength="20" value="<?= tohtml($fldmember_password) ?>" size="20" ></font>
</td>
</tr>
<tr>
<td style="background-color: #FFEAC5; border-style: inset; border-width: 0">
<font style="font-size: 10pt; color: #000000">Confirm Password*</font>
</td>
<td style="background-color: #FFFFFF; border-width: 1">
<font style="font-size: 10pt; color: #000000"><input type="password" name="member_password2" maxlength="20" value="<?= tohtml($fldmember_password2) ?>" size="20" ></font>
</td>
</tr>
<tr>
<td style="background-color: #FFEAC5; border-style: inset; border-width: 0">
<font style="font-size: 10pt; color: #000000">First Name*</font>
</td>
<td style="background-color: #FFFFFF; border-width: 1">
<font style="font-size: 10pt; color: #000000"><input type="text" name="first_name" maxlength="50" value="<?= tohtml($fldfirst_name) ?>" size="50" ></font>
</td>
</tr>
<tr>
<td style="background-color: #FFEAC5; border-style: inset; border-width: 0">
<font style="font-size: 10pt; color: #000000">Last Name*</font>
</td>
<td style="background-color: #FFFFFF; border-width: 1">
<font style="font-size: 10pt; color: #000000"><input type="text" name="last_name" maxlength="50" value="<?= tohtml($fldlast_name) ?>" size="50" ></font>
</td>
</tr>
<tr>
<td style="background-color: #FFEAC5; border-style: inset; border-width: 0">
<font style="font-size: 10pt; color: #000000">Email*</font>
</td>
<td style="background-color: #FFFFFF; border-width: 1">
<font style="font-size: 10pt; color: #000000"><input type="text" name="email" maxlength="50" value="<?= tohtml($fldemail) ?>" size="50" ></font>
</td>
</tr>
<tr>
<td style="background-color: #FFEAC5; border-style: inset; border-width: 0">
<font style="font-size: 10pt; color: #000000">Address</font>
</td>
<td style="background-color: #FFFFFF; border-width: 1">
<font style="font-size: 10pt; color: #000000"><input type="text" name="address" maxlength="50" value="<?= tohtml($fldaddress) ?>" size="50" ></font>
</td>
</tr>
<tr>
<td style="background-color: #FFEAC5; border-style: inset; border-width: 0">
<font style="font-size: 10pt; color: #000000">Phone</font>
</td>
<td style="background-color: #FFFFFF; border-width: 1">
<font style="font-size: 10pt; color: #000000"><input type="text" name="phone" maxlength="50" value="<?= tohtml($fldphone) ?>" size="50" ></font>
</td>
</tr>
<tr>
<td style="background-color: #FFEAC5; border-style: inset; border-width: 0">
<font style="font-size: 10pt; color: #000000">Credit Card Type</font>
</td>
<td style="background-color: #FFFFFF; border-width: 1">
<font style="font-size: 10pt; color: #000000"><select size="1" name="card_type_id">
<?
echo "<option value=\"\">" . $scard_type_idDisplayValue . "</option>";
$lookup_card_type_id = db_fill_array("select card_type_id, name from card_types order by 2");
if(is_array($lookup_card_type_id))
{
reset($lookup_card_type_id);
while(list($key, $value) = each($lookup_card_type_id))
{
if($key == $fldcard_type_id)
$option="<option SELECTED value=\"$key\">$value";
else
$option="<option value=\"$key\">$value";
echo $option;
}
}
?></select></font>
</td>
</tr>
<tr>
<td style="background-color: #FFEAC5; border-style: inset; border-width: 0">
<font style="font-size: 10pt; color: #000000">Credit Card Number</font>
</td>
<td style="background-color: #FFFFFF; border-width: 1">
<font style="font-size: 10pt; color: #000000"><input type="text" name="card_number" maxlength="20" value="<?= tohtml($fldcard_number) ?>" size="20" ></font>
</td>
</tr>
<tr><td colspan="2" align="right">
<? if (!$bIsUpdateMode) { ?>
<input type="hidden" value="insert" name="FormAction">
<input type="submit" value="Register" onclick="document.Reg.FormAction.value = 'insert';">
<? } ?>
<? if ($bIsUpdateMode) { ?>
<input type="hidden" value="update" name="FormAction"/>
<input type="submit" value="Update" onclick="document.Reg.FormAction.value = 'update';">
<? } ?>
<input type="submit" value="Cancel" onclick="document.Reg.FormAction.value = 'cancel';">
<input type="hidden" name="FormName" value="Reg">
<input type="hidden" name="PK_member_id" value="<?= $pmember_id ?>">
<input type="hidden" name="member_id" value="<?= tohtml($fldmember_id)?>">
</td></tr>
</form>
</table>
<?
//-------------------------------
// Reg Close Event begin
// Reg Close Event end
//-------------------------------
//-------------------------------
// Reg Show end
//-------------------------------
}
//===============================
?>Code: Select all
<?php
/*********************************************************************************
* Filename: common.php
* PHP 4.0 build
*********************************************************************************/
error_reporting (E_ALL ^ E_NOTICE);
//===============================
// Database Connection Definition
//-------------------------------
//CS Online Rent-a-Car Connection begin
include("./db_mysql.inc");
define("DATABASE_NAME","cs_car_rental");
define("DATABASE_USER","root");
define("DATABASE_PASSWORD","");
define("DATABASE_HOST","localhost");
// Database Initialize
$db = new DB_Sql();
$db->Database = DATABASE_NAME;
$db->User = DATABASE_USER;
$db->Password = DATABASE_PASSWORD;
$db->Host = DATABASE_HOST;
// CS Online Rent-a-Car Connection end
//===============================
// Site Initialization
//-------------------------------
// Obtain the path where this site is located on the server
//-------------------------------
$app_path = ".";
//-------------------------------
// Create Header and Footer Path variables
//-------------------------------
$header_filename = "Header.html";
$footer_filename = "Footer.html";
//===============================
//===============================
// Common functions
//-------------------------------
// Convert non-standard characters to HTML
//-------------------------------
function tohtml($strValue)
{
return htmlspecialchars($strValue);
}
//-------------------------------
// Convert value to URL
//-------------------------------
function tourl($strValue)
{
return urlencode($strValue);
}
//-------------------------------
// Obtain specific URL Parameter from URL string
//-------------------------------
function get_param($param_name)
{
global $HTTP_POST_VARS;
global $HTTP_GET_VARS;
$param_value = "";
if(isset($HTTP_POST_VARS[$param_name]))
$param_value = $HTTP_POST_VARS[$param_name];
else if(isset($HTTP_GET_VARS[$param_name]))
$param_value = $HTTP_GET_VARS[$param_name];
return $param_value;
}
function get_session($param_name)
{
global $HTTP_POST_VARS;
global $HTTP_GET_VARS;
global ${$param_name};
$param_value = "";
if(!isset($HTTP_POST_VARS[$param_name]) && !isset($HTTP_GET_VARS[$param_name]) && session_is_registered($param_name))
$param_value = ${$param_name};
return $param_value;
}
function set_session($param_name, $param_value)
{
global ${$param_name};
if(session_is_registered($param_name))
session_unregister($param_name);
${$param_name} = $param_value;
session_register($param_name);
}
function is_number($string_value)
{
if(is_numeric($string_value) || !strlen($string_value))
return true;
else
return false;
}
//-------------------------------
// Convert value for use with SQL statament
//-------------------------------
function tosql($value, $type)
{
if(!strlen($value))
return "NULL";
else
if($type == "Number")
return str_replace (",", ".", doubleval($value));
else
{
if(get_magic_quotes_gpc() == 0)
{
$value = str_replace("'","''",$value);
$value = str_replace("\\","\\\\",$value);
}
else
{
$value = str_replace("\\'","''",$value);
$value = str_replace("\\\"","\"",$value);
}
return "'" . $value . "'";
}
}
function strip($value)
{
if(get_magic_quotes_gpc() == 0)
return $value;
else
return stripslashes($value);
}
function db_fill_array($sql_query)
{
global $db;
$db_fill = new DB_Sql();
$db_fill->Database = $db->Database;
$db_fill->User = $db->User;
$db_fill->Password = $db->Password;
$db_fill->Host = $db->Host;
$db_fill->query($sql_query);
if ($db_fill->next_record())
{
do
{
$ar_lookup[$db_fill->f(0)] = $db_fill->f(1);
} while ($db_fill->next_record());
return $ar_lookup;
}
else
return false;
}
//-------------------------------
// Deprecated function - use get_db_value($sql)
//-------------------------------
function dlookup($table_name, $field_name, $where_condition)
{
$sql = "SELECT " . $field_name . " FROM " . $table_name . " WHERE " . $where_condition;
return get_db_value($sql);
}
//-------------------------------
// Lookup field in the database based on SQL query
//-------------------------------
function get_db_value($sql)
{
global $db;
$db_look = new DB_Sql();
$db_look->Database = $db->Database;
$db_look->User = $db->User;
$db_look->Password = $db->Password;
$db_look->Host = $db->Host;
$db_look->query($sql);
if($db_look->next_record())
return $db_look->f(0);
else
return "";
}
//-------------------------------
// Obtain Checkbox value depending on field type
//-------------------------------
function get_checkbox_value($value, $checked_value, $unchecked_value, $type)
{
if(!strlen($value))
return tosql($unchecked_value, $type);
else
return tosql($checked_value, $type);
}
//-------------------------------
// Obtain lookup value from array containing List Of Values
//-------------------------------
function get_lov_value($value, $array)
{
$return_result = "";
if(sizeof($array) % 2 != 0)
$array_length = sizeof($array) - 1;
else
$array_length = sizeof($array);
for($i = 0; $i < $array_length; $i = $i + 2)
{
if($value == $array[$i]) $return_result = $array[$i+1];
}
return $return_result;
}
//-------------------------------
// Verify user's security level and redirect to login page if needed
//-------------------------------
function check_security($security_level)
{
global $UserRights;
if(!session_is_registered("UserID"))
header ("Location: Login.php?querystring=" . urlencode(getenv("QUERY_STRING")) . "&ret_page=" . urlencode(getenv("REQUEST_URI")));
else
if(!session_is_registered("UserRights") || $UserRights < $security_level)
header ("Location: Login.php?querystring=" . urlencode(getenv("QUERY_STRING")) . "&ret_page=" . urlencode(getenv("REQUEST_URI")));
}
//===============================
// GlobalFuncs begin
// GlobalFuncs end
//===============================
?>Code: Select all
<?php
class DB_Sql {
/* public: connection parameters */
var $Host = "";
var $Database = "";
var $User = "";
var $Password = "";
/* public: configuration parameters */
var $Auto_Free = 0; ## Set to 1 for automatic mysql_free_result()
var $Debug = 0; ## Set to 1 for debugging messages.
var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore errror, but spit a warning)
var $Seq_Table = "db_sequence";
/* public: result array and current row number */
var $Record = array();
var $Row;
/* public: current error number and error text */
var $Errno = 0;
var $Error = "";
/* public: this is an api revision, not a CVS revision. */
var $type = "mysql";
var $revision = "1.2";
/* private: link and query handles */
var $Link_ID = 0;
var $Query_ID = 0;
/* public: constructor */
function DB_Sql($query = "") {
$this->query($query);
}
/* public: some trivial reporting */
function link_id() {
return $this->Link_ID;
}
function query_id() {
return $this->Query_ID;
}
/* public: connection management */
function connect($Database = "", $Host = "", $User = "", $Password = "") {
/* Handle defaults */
if ("" == $Database)
$Database = $this->Database;
if ("" == $Host)
$Host = $this->Host;
if ("" == $User)
$User = $this->User;
if ("" == $Password)
$Password = $this->Password;
/* establish connection, select database */
if ( 0 == $this->Link_ID ) {
$this->Link_ID=mysql_pconnect($Host, $User, $Password);
if (!$this->Link_ID) {
$this->halt("connect($Host, $User, \$Password) failed.");
return 0;
}
if (!@mysql_select_db($Database,$this->Link_ID)) {
$this->halt("cannot use database ".$this->Database);
return 0;
}
}
return $this->Link_ID;
}
/* public: discard the query result */
function free() {
@mysql_free_result($this->Query_ID);
$this->Query_ID = 0;
}
/* public: perform a query */
function query($Query_String) {
/* No empty queries, please, since PHP4 chokes on them. */
if ($Query_String == "")
/* The empty query string is passed on from the constructor,
* when calling the class without a query, e.g. in situations
* like these: '$db = new DB_Sql_Subclass;'
*/
return 0;
if (!$this->connect()) {
return 0; /* we already complained in connect() about that. */
};
# New query, discard previous result.
if ($this->Query_ID) {
$this->free();
}
if ($this->Debug)
printf("Debug: query = %s<br>\n", $Query_String);
$this->Query_ID = @mysql_query($Query_String,$this->Link_ID);
$this->Row = 0;
$this->Errno = mysql_errno();
$this->Error = mysql_error();
if (!$this->Query_ID) {
$this->halt("Invalid SQL: ".$Query_String);
}
# Will return nada if it fails. That's fine.
return $this->Query_ID;
}
/* public: walk result set */
function next_record() {
if (!$this->Query_ID) {
$this->halt("next_record called with no query pending.");
return 0;
}
$this->Record = @mysql_fetch_array($this->Query_ID);
$this->Row += 1;
$this->Errno = mysql_errno();
$this->Error = mysql_error();
$stat = is_array($this->Record);
if (!$stat && $this->Auto_Free) {
$this->free();
}
return $stat;
}
/* public: position in result set */
function seek($pos = 0) {
$status = @mysql_data_seek($this->Query_ID, $pos);
if ($status)
$this->Row = $pos;
else {
$this->halt("seek($pos) failed: result has ".$this->num_rows()." rows");
/* half assed attempt to save the day,
* but do not consider this documented or even
* desireable behaviour.
*/
@mysql_data_seek($this->Query_ID, $this->num_rows());
$this->Row = $this->num_rows;
return 0;
}
return 1;
}
/* public: table locking */
function lock($table, $mode="write") {
$this->connect();
$query="lock tables ";
if (is_array($table)) {
while (list($key,$value)=each($table)) {
if ($key=="read" && $key!=0) {
$query.="$value read, ";
} else {
$query.="$value $mode, ";
}
}
$query=substr($query,0,-2);
} else {
$query.="$table $mode";
}
$res = @mysql_query($query, $this->Link_ID);
if (!$res) {
$this->halt("lock($table, $mode) failed.");
return 0;
}
return $res;
}
function unlock() {
$this->connect();
$res = @mysql_query("unlock tables");
if (!$res) {
$this->halt("unlock() failed.");
return 0;
}
return $res;
}
/* public: evaluate the result (size, width) */
function affected_rows() {
return @mysql_affected_rows($this->Link_ID);
}
function num_rows() {
return @mysql_num_rows($this->Query_ID);
}
function num_fields() {
return @mysql_num_fields($this->Query_ID);
}
/* public: shorthand notation */
function nf() {
return $this->num_rows();
}
function np() {
print $this->num_rows();
}
function f($Name) {
if(isset($this->Record[$Name]))
return $this->Record[$Name];
else
return "";
}
function p($Name) {
print $this->Record[$Name];
}
/* public: sequence numbers */
function nextid($seq_name) {
$this->connect();
if ($this->lock($this->Seq_Table)) {
/* get sequence number (locked) and increment */
$q = sprintf("select nextid from %s where seq_name = '%s'",
$this->Seq_Table,
$seq_name);
$id = @mysql_query($q, $this->Link_ID);
$res = @mysql_fetch_array($id);
/* No current value, make one */
if (!is_array($res)) {
$currentid = 0;
$q = sprintf("insert into %s values('%s', %s)",
$this->Seq_Table,
$seq_name,
$currentid);
$id = @mysql_query($q, $this->Link_ID);
} else {
$currentid = $res["nextid"];
}
$nextid = $currentid + 1;
$q = sprintf("update %s set nextid = '%s' where seq_name = '%s'",
$this->Seq_Table,
$nextid,
$seq_name);
$id = @mysql_query($q, $this->Link_ID);
$this->unlock();
} else {
$this->halt("cannot lock ".$this->Seq_Table." - has it been created?");
return 0;
}
return $nextid;
}
/* public: return table metadata */
function metadata($table='',$full=false) {
$count = 0;
$id = 0;
$res = array();
/*
* Due to compatibility problems with Table we changed the behavior
* of metadata();
* depending on $full, metadata returns the following values:
*
* - full is false (default):
* $result[]:
* [0]["table"] table name
* [0]["name"] field name
* [0]["type"] field type
* [0]["len"] field length
* [0]["flags"] field flags
*
* - full is true
* $result[]:
* ["num_fields"] number of metadata records
* [0]["table"] table name
* [0]["name"] field name
* [0]["type"] field type
* [0]["len"] field length
* [0]["flags"] field flags
* ["meta"][field name] index of field named "field name"
* The last one is used, if you have a field name, but no index.
* Test: if (isset($result['meta']['myfield'])) { ...
*/
// if no $table specified, assume that we are working with a query
// result
if ($table) {
$this->connect();
$id = @mysql_list_fields($this->Database, $table);
if (!$id)
$this->halt("Metadata query failed.");
} else {
$id = $this->Query_ID;
if (!$id)
$this->halt("No query specified.");
}
$count = @mysql_num_fields($id);
// made this IF due to performance (one if is faster than $count if's)
if (!$full) {
for ($i=0; $i<$count; $i++) {
$res[$i]["table"] = @mysql_field_table ($id, $i);
$res[$i]["name"] = @mysql_field_name ($id, $i);
$res[$i]["type"] = @mysql_field_type ($id, $i);
$res[$i]["len"] = @mysql_field_len ($id, $i);
$res[$i]["flags"] = @mysql_field_flags ($id, $i);
}
} else { // full
$res["num_fields"]= $count;
for ($i=0; $i<$count; $i++) {
$res[$i]["table"] = @mysql_field_table ($id, $i);
$res[$i]["name"] = @mysql_field_name ($id, $i);
$res[$i]["type"] = @mysql_field_type ($id, $i);
$res[$i]["len"] = @mysql_field_len ($id, $i);
$res[$i]["flags"] = @mysql_field_flags ($id, $i);
$res["meta"][$res[$i]["name"]] = $i;
}
}
// free the result only if we were called on a table
if ($table) @mysql_free_result($id);
return $res;
}
/* private: error handling */
function halt($msg) {
$this->Error = @mysql_error($this->Link_ID);
$this->Errno = @mysql_errno($this->Link_ID);
if ($this->Halt_On_Error == "no")
return;
$this->haltmsg($msg);
if ($this->Halt_On_Error != "report")
die("Session halted.");
}
function haltmsg($msg) {
printf("</td></tr></table><b>Database error:</b> %s<br>\n", $msg);
printf("<b>MySQL Error</b>: %s (%s)<br>\n",
$this->Errno,
$this->Error);
}
function table_names() {
$this->query("SHOW TABLES");
$i=0;
while ($info=mysql_fetch_row($this->Query_ID))
{
$return[$i]["table_name"]= $info[0];
$return[$i]["tablespace_name"]=$this->Database;
$return[$i]["database"]=$this->Database;
$i++;
}
return $return;
}
}
?>