Page 1 of 4
a problem i cant seem to get around
Posted: Wed Dec 10, 2003 7:35 am
by malcolmboston
hi guys
basically i am haveing problems with variables again,
ok i know how to pass them but i cant do it in the situation that i currently need to do it in.
ok, basically have set up loads of simple form variables and have retrieved them sucessfully.
unfortunately, i now want to pass the form variables from a login page so that it will pass the username field to the next page after verifying that the user is indeed a registered member.
ok i would provide some code, but i have written 3 or 4 very different scripts to try and get this to work and always it allows me to login but will not pass the $username var, and besides im not currently at my own computer.
if anyone can explain to me how i can do a mysql check and a form var at the same time it would be very much appreciated.
i can do this when registered_globals is turned to 'on' however i want my site to me futureproof so im doing it the proper way
any help would be much appreciated
Thank You
Posted: Wed Dec 10, 2003 7:47 am
by twigletmac
TBH, pin pointing the problem is not going to be easy without some example code. Maybe you want to use sessions to store the username?
viewtopic.php?t=6521
Mac
Posted: Wed Dec 10, 2003 7:49 am
by malcolmboston
thank you twigletmac
unfortunately coming here was a last resort tbh, im sick of asking people for help which i shouldnt need, bought a book the other day, explains nothing about the new syntax of variables
Thank You i will have a read of that and get back here
out of interest
is it possible to save a server-side cookie?
i have a need for it
edit:
that session function sounds interesting and i was planning to use it but i read some bad vibes about it not being too secure (SSL isnt an option for me)
but i have a question for you
the first session_start() on the site
should it be on the very first page on the site <-- doubt it
on the login page? <--- most likely
after the login page? <---- not sure
thanks for your help
Posted: Wed Dec 10, 2003 8:15 am
by twigletmac
A server side cookie is not possible - cookies can only be set on client computers, but if you explain what you need it for we can probably give some alternatives.
Sessions are used widely for that type of application - in theory session spoofing is possible but the spoofer would have to be able to guess or otherwise obtain the session id of the session they wish to hijack.
session_start() should appear on all pages in which you want to use sessions, it needs to appear before any content is output to the browser otherwise you will get an error.
Mac
Posted: Wed Dec 10, 2003 8:16 am
by JayBird
malcolmboston wrote:the first session_start() on the site
should it be on the very first page on the site <-- doubt it
on the login page? <--- most likely
after the login page? <---- not sure
All depends mate, you'll need it on all pages where you want to use the sessions variables.
Mark
Posted: Wed Dec 10, 2003 8:23 am
by malcolmboston
ok basically twigletmac
i do not like cookies, maybe im set in my ways, but to me a hell of alot of sites like to give you cookies for no reason whatsoever and more often then you would think sensitive information is contained in that cookie, that should not be given out
because of this i do not want to use cookies, people are not discriminative about deleting cookies they delete them all, and will not keep them, the site i am currently developing for is quite a big site but for a closed audience if you get my drift, only people that work for the company can access the members area which is why i am putting so much effort into it, 9 months and counting, the site is huge, i want cookies to remember certain things such as preferred theme (CSS),calendar (calendar defaults to save as cookie, if they delete the cookie they destroy all reminders) and a couple of other things i was considering doing this in MySQL but really wouldt know where to start as i am not too confident in my ability of coding in PHP yet (only been learning about 3 weeks) can do MySQL query and connection, var passing, login scripts etc but fall short on arrays which i am prediciting is how this would be done
I have a good book at home, so fireaway with any suggestions and ill read up about them
Posted: Wed Dec 10, 2003 8:26 am
by aquila125
Hmmm I would strongly suggest to put all userdata in a database..
usually all personal information is stored in the database, and cookies are only used to login (read up on this.. bit tricky to do it save).. if a user logs in from another computer, he still get's his personal settings...
Posted: Wed Dec 10, 2003 8:46 am
by JayBird
i would have to agree with aquila125, store all users setting in a DB.
It would be that hard, instead of storing and retrieving info from a cookie like you wanted to do, you would just store and retreive the info from the DB.
Mark
Posted: Wed Dec 10, 2003 8:47 am
by malcolmboston
thank you, you explained it better than i did
well that is exactly what i want, for a users settings to be remembered from any computer they decide to login from, obviously the data has to be saved into a database because it needs to be retrieved from the server.
About cookies, i have a cd @ home i burned from my old job, everything was burned, cookie folder, everything, when i am/was learning cookies i thought i'd have a look at what sort of thing companies write inside a cookie just to see what sort of thing they like to remember, i have approx 300-400 cookies on that disc and about 20-30 hold info that should be confidential hence the stigma with cookies, shame you cant save server-side cookies sure i read about that somewhere before, oh well.
I have invested quite heavily into PHP because i really want to learn it, it is a cracking 'little language' bought zend studio solely for debugging options lol and from recommendations on this site.
OK, well im @ university at the moment, (
http://www.tees.ac.uk) when you login to the student site, the whole site is customised to your requirements such as course you are studying , your CSS style is remembered etc (this is what give me the idea as well as the way PHPbb does it) the site from a design aspect is nothing special, after logging in the site is technically brilliant, now i know for a fact that it is all saved into a database and retrieved at login, however the site is in various diff languages such as
- ASP - i know v-little about
- CFM - good knowledge
- CGI - no nothing about <-- the site is mostly CGI
no php!
also to be honest i have no idea the sort of coding for insert and retrieving the data @ 'run-time' and currently it is beyond my knowledge of PHP.
If any of you guys have the time (and knowledge, which is highly likely some of you guys are scary good at PHP) then please feel free to give me some comments/ or code snippets about the way i could achieve the effect i am after, they have offered me a job @ £38k a year (about $50k )so i want to do the best that i can do, they mainly employed me for my knowledge of advanced networking (which i specialise in) and PC repair but they offered me the job as head web developer, and its my dream job so im taking it.
Thanks
(if this was too long sorry, i have a habit of babbling on a bit

)[/list]
Posted: Wed Dec 10, 2003 8:54 am
by JayBird
how about i do the site for you, then I take the job, i am only down the road in York
Mark
Posted: Wed Dec 10, 2003 9:00 am
by aquila125
if you'r redoing the site.. make sure to choose one language.. much easier to maintain...
and ofcourse I'd suggest using php
Using databases with php is VERY easy...
http://www.php.net/mysql will get you started.. just read some tutorials and you'r off.. shouldn't take you more then a week...
Posted: Wed Dec 10, 2003 9:02 am
by qads
lol@Bech100
server side cookies can be done..but i would't call them cookies, i will just call them files
lets say you want to save CSS theme for a user, you simpley save it as a file in
"themes/$username.txt", so every time the user logsin, you just look in "themes/$username.txt" to see what theme he/she has

..
this is would be lot easier, and faster with a real database, flat files are just not safe enough.
so, you would need to look at [php_man]fopen[/php_man], [php_man]fwrite[/php_man] and [php_man]fclose[/php_man] functions on php.net or your book.
Posted: Wed Dec 10, 2003 9:03 am
by malcolmboston
lol, ive wanted to do this job forever and i previously completeled a contract with them and they were impressed with my work so they asked me if i wanted a job so i accepted.
and besides without meaning to sound up my own arse, i offer alot more than PHP programming such as:
Pc Associated
previous teacher of HTML and Servers(network) (@ 19yrs old, no BS)
MCSA (98se, 2000 pro, 2000 server, xp home and pro)
RHCT (mostly RH9)
worked for middlesbrough council as 2nd in charge of *nix systems
little C++ knowledge
amazing ability to remember pointless crap that no-one needs 2 know
advanced knowledge of complex network infrastructure, routers and gateway servers.
Web associated
HTML - Godly
Javascript - able
CSS - Godly
Action Scripting - experienced and able
Flash Animation - previous commercial work
Photoshop - God I Suck
Advanced knowledge of running various web-servers, virtual hosting, domain name mapping on unix and windows
whispers: remember to tell them never to go to york

otherwise job may be offered to the PHP expert :bump:
anyway, any ideas peeps
Posted: Wed Dec 10, 2003 9:09 am
by malcolmboston
lol ok read your post
what is the easiest way of doing it so that it can be updated and edited as and when needed (btw i already know alot about MySQL) people i am going to be working with only have a bground in HTML so it needs to be simple for them to be able to understand
personally MySQL is the easiest in my opinion, once you ve got the syntax then youre half-way there, i could always write the include file on there behalf so they wouldnt need to 'dive-in'
any ideas, also would it be easier to ad the cols to my login database already or create a seperate one do you think?
Thanks
Posted: Wed Dec 10, 2003 9:17 am
by aquila125
make a seperate table with user settings..
one table holds all of the possible settings (settings_id, setting)
eg (1, CSS_type // 2, date_format // ...)
a second table links the user with the setting:
userid, setting_id, setting
(1254885, 1, red_css_file)
like this, it's easy to add or remove certain settings.. much more work if you have to add/remove columns..