Page 1 of 1

Members Area PHP

Posted: Mon Nov 21, 2011 1:34 am
by Kreativity
Before I start explaining my problem, please note I am a novice at PHP but I can code HTML & CSS proficiently .

Few days ago i followed this guide: http://net.tutsplus.com/tutorials/php/u ... /#comments.

Here is my website: http://www.kyleknight.co.za/

But it doesn't seem to be working correctly e.g. if you click login it should give error and say enter username and password? but it doesn't. This is just one of the problems but there are many it doesn't do anything its suppose to. Please let me know what else you need.

Re: Members Area PHP

Posted: Mon Nov 21, 2011 1:44 am
by twinedev
We would need to see the actual code you are using.

Have you done any steps at trying to debug it (ie, echo out the SQL statement it tries call to check for logged in user, and then manually ran that query on the database to verify the results you were expecting, or at various stages of the program do simple lines like

Code: Select all

echo '<hr>[',__LINE__,"]<hr>\n"; 
inside each if() and else block so that when you call the page, you can see what line numbers it is hitting to verify what path through if statements it is taking.

-Greg

Re: Members Area PHP

Posted: Mon Nov 21, 2011 3:12 am
by Kreativity
Hey, here is my code, this is the index.php:

Code: Select all

<?php include "dbconnect.php"; ?>
<!--
Author: Kyle Knight
Version: 2.0 Kreativity
New Features: Request a Quote, Contact Us Form, Improved User Experience, Improved User Friendly Design
-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Kyle Knight | A Developer changing the way you use the web</title>
<meta name="description" content="Graphic & Web Development | PHP, Ruby, CSS, HTML & jQuery" />
<meta name="keywords" content="graphic, web, mobile development, graphic design, web design, kyle knight, kyleknight, kyle south africa, php, ruby, programmer, web designer, graphic designer, jQuery, javascript, graphic southa frica, web designer south africa, sa" />
<link rel="stylesheet" type="text/css" href="css/kreative.css" media="screen" /><!--Main Stylesheet-->
<link rel="stylesheet" type="text/css" href="css/css3.css" media="screen" /><!--CSS3 Stylesheet-->
<link href='http://fonts.googleapis.com/css?family=Gochi+Hand' rel='stylesheet' type='text/css' /><!--Google Web Fonts-->
<link rel="icon" type="image/png" href="favicon.png" />
<!--[if IE]>
<link rel="stylesheet" type="text/css" href="css/ie-fixes.css" />
<![endif]-->
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js" type="text/javascript"></script>
<script src="js/twitter.js" type="text/javascript"></script><!-- Latest Tweets Script-->
<!-- Google Analytics -->
<script type="text/javascript">
  var _gaq = _gaq || [];
  _gaq.push(['_setAccount', 'UA-26679850-1']);
  _gaq.push(['_trackPageview']);

  (function() {
    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
  })();
</script>
<!-- End Google Analytics -->
</head>

<body>

<div id="container">
<!-- Header -->
<div class="header">
	<div class="logo"><h1><a href="index.php">Kyle Knight</a></h1></div>
		<div class="head-mid">
        	<div class="head-mid-top">
            	<div class="windmill-cont">
                	<div class="windmill"></div>
                </div>
						<!-- Login Area -->   
                		<div class="register"><h2><a href="">Register</a></h2></div>
                        <div class="login"><h3><a href="#login-form">Login</a></h3></div>
                        
                        	<div class="animation">
                            	<div class="clouds"></div>
                            </div>
            </div>
            	<div class="head-mid-bot">
                	<div class="area-bot">
                    	<p>A Developer changing the way you use the web</p>
                    </div>
                    	<!-- Menu Stars -->
                        <div class="home"><h1><a href="index.html">Home</a></h1></div>
                        <div class="request"><h1><a href="index.html">Request</a></h1></div>
                        <div class="services"><h1><a href="index.html">Services</a></h1></div>
                        <div class="contact"><h1><a href="contact.php">Contact</a></h1></div>
                        <!-- Menu Ends -->
                </div>
        </div>
        			<!-- Social Starts -->
					<div class="facebook"><h1><a href="http://www.facebook.com/KyleKnight1991" target="_blank">Facebook</a></h1></div>
        			<div class="twitter"><h1><a href="http://twitter.com/#!/KyleKnightSA" target="_blank">Twitter</a></h1></div>
                    <!-- Social Ends -->
</div>
<!-- End Header -->

<!-- Body -->
<div id="main-cont">
<!-- Left Column -->
	<div class="latest-work">
    	<div class="whatwedo">
        <h3>What We Do</h3>
        <div class="wedolist">
        <ul>
        <li>Web Design</li>
        <li>CMS Template Design</li>
        <li>HTML/CSS Templates</li>
		<li>Graphic Design</li>
        <li>Logo Design</li>
        <li>Brochures</li>
        <li>Banners</li>
        <li>Newsletters</li>
        </ul>
        </div>
        </div>
    </div>
<!-- End Left Column -->
<!-- Start Right Content -->
    	<div class="middle-hold">
        	<div class="midddle-stuff">
            	<div class="quote-but"><h1><a href="mailto:support@kyleknight.co.za" target="_blank">Quote</a></h1></div>
            </div>
            	<div class="middle-twitter">
                		<div id="jstwitter">
						</div>
                </div>
		</div>
        			<div class="right-col">
                    </div>
<!-- End Right Content -->
</div>
<!-- End Body -->

<!-- Footer -->
<div class="footer">
	<div class="foot-left">
    	<h1>Favourite Links</h1>
        <ul>
        <li><a href="" target="_blank">Behance Network</a></li>
        <li><a href="" target="_blank">Deviant Art</a></li>
        <li><a href="http://roarengine.com/" target="_blank">Roar Engine</a></li>
        <li><a href="http://ruby-lang.org/" target="_blank">Ruby</a></li>
        <li><a href="http://www.awwwards.com/" target="_blank">Awwwards</a></li>
        </ul>
    </div>
    	<div class="foot-mid">
        	<h1>Related Links</h1>
        	<ul>
        	<li><a href="" target="_blank">Portfolio</a></li>
        	<li><a href="" target="_blank">Request a Quote</a></li>
        	<li><a href="" target="_blank">Services</a></li>
        	<li><a href="" target="_blank">The Lab</a></li>
       		</ul>
        </div>
<!-- Start Footer Right -->
<div class="konfoo">
                <?php  
if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['Username']))  
{  
     ?>  
  
     <h1>Member Area</h1>  
     <p>Thanks for logging in! You are <b><?=$_SESSION['Username']?></b> and your email address is <b><?=$_SESSION['EmailAddress']?></b>.</p>  
  
     <?php  
}  
elseif(!empty($_POST['username']) && !empty($_POST['password']))  
{  
    $username = mysql_real_escape_string($_POST['username']);  
    $password = md5(mysql_real_escape_string($_POST['password']));  
  
    $checklogin = mysql_query("SELECT * FROM users WHERE Username = '".$username."' AND Password = '".$password."'");  
  
    if(mysql_num_rows($checklogin) == 1)  
    {  
        $row = mysql_fetch_array($checklogin);  
        $email = $row['EmailAddress'];  
  
        $_SESSION['Username'] = $username;  
        $_SESSION['EmailAddress'] = $email;  
        $_SESSION['LoggedIn'] = 1;  
  
        echo "<h1>Success</h1>";  
        echo "<p>We are now redirecting you to the member area.</p>";  
        echo "<meta http-equiv='refresh' content='=2;index.php' />";  
    }  
    else  
    {  
        echo "<h1>Error</h1>";  
        echo "<p>Sorry, your account could not be found. Please <a href=\"index.php\">click here to try again</a>.</p>";  
    }  
}  
else  
{  
    ?>  
    
    <h1 class="mem-login_form">Member Login</h1>  
  	<a name="login-form"></a> 
    <form method="post" action="index.php" name="loginform" id="loginform">  
    <fieldset class="fieldset">  
        <label for="username">Username: </label><input type="text" name="username" class="username_form" /><br />  
        <label for="password">Password: </label><input type="password" name="password" class="password_form" /><br />  
        <input type="submit" name="login" class="login_form" value="Login" />  
    </fieldset>  
    </form>  
	<p class="no-mem_form">Not yet a member? <a href="" class="no-mem_form">Click here to Register</a>.</p>
    
	<?php  
}  
?> 

<?php
 
//checks cookies to make sure they are logged in 

 if(isset($_COOKIE['ID_my_site'])) 

 { 

 	$username = $_COOKIE['ID_my_site']; 

 	$pass = $_COOKIE['Key_my_site']; 

 	 	$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); 

 	while($info = mysql_fetch_array( $check )) 	 

 		{ 

 

 //if the cookie has the wrong password, they are taken to the login page 

 		if ($pass != $info['password']) 

 			{ 			header("Location: index.php"); 

 			} 

 

 //otherwise they are shown the admin area	 

 	else 

 			{ 

 			 echo "Member Area<p>"; 

 echo "Your Content<p>"; 

 echo "<a href=logout.php>Logout</a>"; 

 			} 

 		} 

 		} 

 else 

 

 //if the cookie does not exist, they are taken to the login screen 

 {			 

 header("Location: index.php"); 

 } 

 ?>   

</div>
<!-- End Footer Right --> 
</div>
<!-- Start Copyright --> 
<div id="copyright">
	<p>Copyright 2011 <a href="mailto:support@kyleknight.co.za">Kyle Knight</a>. All rights reserved.</p>
</div>
<!-- End Copyright --> 
<!-- End Footer -->
</div>
</body>
</html>
Here is the dbconnect.php:

Code: Select all

    <?php  
    session_start();  
      
    $dbhost = "hetzner host address"; // this will ususally be 'localhost', but can sometimes differ  
    $dbname = "i put my db name here"; // the name of the database that you are going to use for this project  
    $dbuser = "my user name was here"; // the username that you created, or were given, to access your database  
    $dbpass = "my password"; // the password that you created, or were given, to access your database  
      
    mysql_connect($dbhost, $dbuser, $dbpass) or die("MySQL Error: " . mysql_error());  
    mysql_select_db($dbname) or die("MySQL Error: " . mysql_error());  
    ?>  
Here is logout.php:

Code: Select all

<?php include dbconnect.php; $_SESSION = array(); session_destroy(); 
?> 
<meta http-equiv='refresh' content='=0;index.php' />
Here is register.php:

Code: Select all

<?php include "dbconnect.php"; ?>
<!--
Author: Kyle Knight
Version: 2.0 Kreativity
New Features: Request a Quote, Contact Us Form, Improved User Experience, Improved User Friendly Design
-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Kyle Knight | A Developer changing the way you use the web</title>
<meta name="description" content="Graphic & Web Development | PHP, Ruby, CSS, HTML & jQuery" />
<meta name="keywords" content="graphic, web, mobile development, graphic design, web design, kyle knight, kyleknight, kyle south africa, php, ruby, programmer, web designer, graphic designer, jQuery, javascript, graphic southa frica, web designer south africa, sa" />
<link rel="stylesheet" type="text/css" href="css/kreative.css" media="screen" /><!--Main Stylesheet-->
<link rel="stylesheet" type="text/css" href="css/css3.css" media="screen" /><!--CSS3 Stylesheet-->
<link href='http://fonts.googleapis.com/css?family=Gochi+Hand' rel='stylesheet' type='text/css' /><!--Google Web Fonts-->
<link rel="icon" type="image/png" href="favicon.png" />
<!--[if IE]>
<link rel="stylesheet" type="text/css" href="css/ie-fixes.css" />
<![endif]-->
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js" type="text/javascript"></script>
<script src="js/twitter.js" type="text/javascript"></script><!-- Latest Tweets Script-->
<!-- Google Analytics -->
<script type="text/javascript">
  var _gaq = _gaq || [];
  _gaq.push(['_setAccount', 'UA-26679850-1']);
  _gaq.push(['_trackPageview']);

  (function() {
    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
  })();
</script>
<!-- End Google Analytics -->
</head>

<body>

<div id="container">
<!-- Header -->
<div class="header">
	<div class="logo"><h1><a href="index.php">Kyle Knight</a></h1></div>
		<div class="head-mid">
        	<div class="head-mid-top">
            	<div class="windmill-cont">
                	<div class="windmill"></div>
                </div>
						<!-- Login Area -->   
                		<div class="register"><h2><a href="register.php">Register</a></h2></div>
                        <div class="login"><h3><a href="index.php">Login</a></h3></div>
                        	<div class="animation">
                            	<div class="clouds"></div>
                            </div>
            </div>
            	<div class="head-mid-bot">
                	<div class="area-bot">
                    	<p>A Developer changing the way you use the web</p>
                    </div>
                    	<!-- Menu Stars -->
                        <div class="home"><h1><a href="index.html">Home</a></h1></div>
                        <div class="request"><h1><a href="index.html">Request</a></h1></div>
                        <div class="services"><h1><a href="index.html">Services</a></h1></div>
                        <div class="contact"><h1><a href="index.html">Contact</a></h1></div>
                        <!-- Menu Ends -->
                </div>
        </div>
        			<!-- Social Starts -->
					<div class="facebook"><h1><a href="http://www.facebook.com/KyleKnight1991" target="_blank">Facebook</a></h1></div>
        			<div class="twitter"><h1><a href="http://twitter.com/#!/KyleKnightSA" target="_blank">Twitter</a></h1></div>
                    <!-- Social Ends -->
</div>
<!-- End Header -->

<!-- Body -->
<div id="main-cont">
<!-- Register Area -->
<?php  
if(!empty($_POST['username']) && !empty($_POST['password']))  
{  
    $username = mysql_real_escape_string($_POST['username']);  
    $password = md5(mysql_real_escape_string($_POST['password']));  
    $email = mysql_real_escape_string($_POST['email']);  
  
     $checkusername = mysql_query("SELECT * FROM users WHERE Username = '".$username."'");  
  
     if(mysql_num_rows($checkusername) == 1)  
     {  
        echo "<h1>Error</h1>";  
        echo "<p>Sorry, that username is taken. Please go back and try again.</p>";  
     }  
     else  
     {  
        $registerquery = mysql_query("INSERT INTO users (Username, Password, EmailAddress) VALUES('".$username."', '".$password."', '".$email."')");  
        if($registerquery)  
        {  
            echo "<h1>Success</h1>";  
            echo "<p>Your account was successfully created. Please <a href=\"index.php\">click here to login</a>.</p>";  
        }  
        else  
        {  
            echo "<h1>Error</h1>";  
            echo "<p>Sorry, your registration failed. Please go back and try again.</p>";  
        }  
     }  
}  
else  
{  
    ?>  
  
   <h1>Register</h1>  
  
   <p>Please enter your details below to register.</p>  
  
    <form method="post" action="register.php" name="registerform" id="registerform">  
    <fieldset class="fieldset">  
        <label for="username">Username:</label><input type="text" name="username" class="username" /><br />  
        <label for="password">Password:</label><input type="password" name="password" class="password" /><br />  
        <label for="email">Email Address:</label><input type="text" name="email" class="email" /><br />  
        <input type="submit" name="register" class="register" value="Register" />  
    </fieldset>  
    </form>  
  
    <?php  
}  
?>  
<!-- End Register Area -->
</div>
<!-- End Body -->

<!-- Footer -->
<div class="footer">
	<div class="foot-left">
    	<h1>Favourite Links</h1>
        <ul>
        <li><a href="" target="_blank">Behance Network</a></li>
        <li><a href="" target="_blank">Deviant Art</a></li>
        <li><a href="http://roarengine.com/" target="_blank">Roar Engine</a></li>
        <li><a href="http://ruby-lang.org/" target="_blank">Ruby</a></li>
        <li><a href="http://www.awwwards.com/" target="_blank">Awwwards</a></li>
        </ul>
    </div>
    	<div class="foot-mid">
        	<h1>Related Links</h1>
        	<ul>
        	<li><a href="" target="_blank">Portfolio</a></li>
        	<li><a href="" target="_blank">Request a Quote</a></li>
        	<li><a href="" target="_blank">Services</a></li>
        	<li><a href="" target="_blank">The Lab</a></li>
       		</ul>
        </div>
<!-- Start Footer Right -->
        	<div class="foot-right">
            	<div class="konfoo">
                <?php  
if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['Username']))  
{  
     ?>  
  
     <h1>Member Area</h1>  
     <p>Thanks for logging in! You are <b><?=$_SESSION['Username']?></b> and your email address is <b><?=$_SESSION['EmailAddress']?></b>.</p>  
  
     <?php  
}  
elseif(!empty($_POST['username']) && !empty($_POST['password']))  
{  
    $username = mysql_real_escape_string($_POST['username']);  
    $password = md5(mysql_real_escape_string($_POST['password']));  
  
    $checklogin = mysql_query("SELECT * FROM users WHERE Username = '".$username."' AND Password = '".$password."'");  
  
    if(mysql_num_rows($checklogin) == 1)  
    {  
        $row = mysql_fetch_array($checklogin);  
        $email = $row['EmailAddress'];  
  
        $_SESSION['Username'] = $username;  
        $_SESSION['EmailAddress'] = $email;  
        $_SESSION['LoggedIn'] = 1;  
  
        echo "<h1>Success</h1>";  
        echo "<p>We are now redirecting you to the member area.</p>";  
        echo "<meta http-equiv='refresh' content='=2;index.php' />";  
    }  
    else  
    {  
        echo "<h1>Error</h1>";  
        echo "<p>Sorry, your account could not be found. Please <a href=\"index.php\">click here to try again</a>.</p>";  
    }  
}  
else  
{  
    ?>  
    
 	<a name="login-form"></a> 
    <form method="post" action="index.php" name="loginform" id="loginform">  
    <fieldset class="fieldset">  
        <label for="username">Username:</label><input type="text" name="username" class="username" /><br />  
        <label for="password">Password:</label><input type="password" name="password" class="password" /><br />  
        <input type="submit" name="login" class="login" value="Login" />  
    </fieldset>  
    </form>  
  
   <?php  
}  
?>  
                </div>
             </div>
<!-- End Footer Right --> 
</div>
<!-- Start Copyright --> 
<div id="copyright">
	<p>Copyright 2011 <a href="mailto:support@kyleknight.co.za">Kyle Knight</a>. All rights reserved.</p>
</div>
<!-- End Copyright --> 
<!-- End Footer -->
</div>
</body>
</html>
The site is far from finished, and if my code looks abit messy its because I know nothing about php. I am like seriously novice I took the code from http://net.tutsplus.com/tutorials/php/u ... /#comments and just changed a few things. In the SQL tab on phpmyadmin I ran:

CREATE TABLE `users` (
`UserID` INT(25) NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`Username` VARCHAR(65) NOT NULL ,
`Password` VARCHAR(32) NOT NULL ,
`EmailAddress` VARCHAR(255) NOT NULL
);

Hope this helps thanks so much again for helping me :) If there is anything else you need to help me sort out this problem let me know.