Page 1 of 1

Keeping a page from refreshing.

Posted: Tue Jan 04, 2005 1:32 pm
by Wldrumstcs
Okay, my code below is from the page that the login page goes to when determining whether or not the username/password inputs match up w/ entries in the database. However, if the person is in there but not activated, I want to display text that says "Your account has not been activated. Click here to do so." However, one of the "refresh content" things from the other parts of the code are still making the page refresh. How should I change the code so it doesn't refresh when an account is not activated?

CODE:

Code: Select all

<?
mysql_connect("localhost","username","password") or die ("Unable to connect to MySQL server."); 
$db = mysql_select_db("db") or die ("Unable to select requested database.");

$error = "";

if($_POST[submit]){
$pw = md5($_POST[password]);
  $result = mysql_query("SELECT count(*) FROM teachers WHERE username='$_POST[username]' AND password='$pw'");
  $user = mysql_fetch_row($result);

$idcheck = mysql_query("SELECT id FROM teachers WHERE username='$_POST[username]'");


      while($row = mysql_fetch_array($idcheck)) 
      { 
        $idcheck_result = $row['id']; 
}
$password = mysql_query("SELECT password FROM teachers WHERE username='$_POST[username]'");


      while($row = mysql_fetch_array($password)) 
      { 
        $activationid = $row['password']; 
}


$active = mysql_query("SELECT activity FROM teachers WHERE id='$idcheck_result'");


      while($row = mysql_fetch_array($active)) 
      { 
        $active_result = $row['activity']; 
}

  if($user[0] > 0) {
	$sql_username_check = mysql_query("SELECT username FROM teachers WHERE username='$_POST[username]'"); 
	list($username) = mysql_fetch_row($sql_username_check); 
	$username_check = mysql_num_rows($sql_username_check);
$id = "SELECT id FROM teachers WHERE username='$_POST[username]'";
    $sql_id_check = mysql_query("SELECT id FROM teachers WHERE username='$_POST[username]'"); 
	list($id) = mysql_fetch_row($sql_id_check); 
	$id_check = mysql_num_rows($sql_id_check);
IF($active_result != "active"){

$error = "<font size='5'><b>That account has not been activated.  To do so, click <a href='activate.php?activationid=$activationid&id=$idcheck_result'>here</a>.</b></font>";

$subject = "Activation info.";
$emailbody = "
Your account has been activated.  You may now login <a href='http://www.****.com/login.php'>here</a>.  You will then have the ability to login, post assignments, test dates, and send emails to other members of the Social Studies staff.  Your login information is as follows:<br><br>USERNAME:  $_POST[username]<br>PASSWORD:  $_POST[password]<br><br>To change your password and update your information (i.e. phone number, email address, biography, etc...), you must Login, then click on 'Update Your Profile.'<br><br>If you have any questions whatsoever, feel free to email the department head <a href='mailto:***@***.org'>*****</a> or the <a href='mailto:********@ameritech.net'>webmaster</a>.<br>-------------------------------------------<br>This is an automatically generated email.  Please DO NOT respond.

";
$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=sio-8859-1\r\n";
$headers .= "FROM: ****@*****.com";
mail($_POST[email], $subject, $emailbody, $headers);
}elseif($active_result == "active"){
setcookie("id", $id, time()+604800);    
setcookie("username", $_POST[username], time()+604800);
setcookie("password", $pw, time()+604800);
    $error = "<font size='5'><b>Thank you for logging in!</b></font><br><font size='3'>You are being redirected...</font>";
    echo '<head><meta http-equiv="refresh" content="3;URL=admin.php"></head>';
}}else{
    $error = "<font size='5'><b>Incorrect username or password!</b></font><br><font size='3'>You are being redirected...</font>";}}
echo "<head><meta http-equiv='refresh' content='3;URL=login.php'></head>";
    ?>
<style fprolloverstyle>A:hover {color: #000000; text-decoration: blink}
</style>
<body link="#000000" vlink="#000000" alink="#000000" bgcolor="#000000">
	<table border="0" width="100%" cellspacing="0" cellpadding="0" height="100%" id="table1" bgcolor="#FF7800">
	<tr>
		<td align="center"><? echo "$error"; ?></td>
	</tr>
</table>
</body>

?>

Posted: Tue Jan 04, 2005 1:44 pm
by rehfeld

Code: Select all

if (they should be redirected) {
     echo "<meta http-equiv='refresh' content='3;URL=login.php'>";
}
basically, stop outputting that redirect unconditionally. only output it if its needed.

Posted: Tue Jan 04, 2005 1:47 pm
by feyd
do not echo out anything until you have finished processing the entire page, I'd guess.

Posted: Tue Jan 04, 2005 5:03 pm
by Wldrumstcs
What would the code be if the search for a username and password that fit the forms didn't turn up anything? Basically, whats the opposite of

Code: Select all

<?php
  if($user[0] > 0) 
?>

Posted: Tue Jan 04, 2005 8:36 pm
by Wldrumstcs
???

Posted: Tue Jan 04, 2005 9:02 pm
by feyd
there's no need to bump your thread within such a short time.

the exact opposite of

Code: Select all

if($user[0] > 0)
is

Code: Select all

if($user[0] <= 0)
please remember to quote your named array indices.

Posted: Tue Jan 04, 2005 9:21 pm
by Wldrumstcs
Okay, here is my updated script. However, this still doesn't work.

Code: Select all

<?
mysql_connect("localhost","username","password") or die ("Unable to connect to MySQL server."); 
$db = mysql_select_db("db") or die ("Unable to select requested database.");

$error = "";

if($_POST[submit]){
$pw = md5($_POST[password]);
  $result = mysql_query("SELECT count(*) FROM teachers WHERE username='$_POST[username]' AND password='$pw'");
  $user = mysql_fetch_row($result);

$idcheck = mysql_query("SELECT id FROM teachers WHERE username='$_POST[username]'");


      while($row = mysql_fetch_array($idcheck)) 
      { 
        $idcheck_result = $row['id']; 
}
$password = mysql_query("SELECT password FROM teachers WHERE username='$_POST[username]'");


      while($row = mysql_fetch_array($password)) 
      { 
        $activationid = $row['password']; 
}


$active = mysql_query("SELECT activity FROM teachers WHERE id='$idcheck_result'");


      while($row = mysql_fetch_array($active)) 
      { 
        $active_result = $row['activity']; 
}

  if($user[0] > 0) {
    $sql_username_check = mysql_query("SELECT username FROM teachers WHERE username='$_POST[username]'"); 
    list($username) = mysql_fetch_row($sql_username_check); 
    $username_check = mysql_num_rows($sql_username_check);
$id = "SELECT id FROM teachers WHERE username='$_POST[username]'";
    $sql_id_check = mysql_query("SELECT id FROM teachers WHERE username='$_POST[username]'"); 
    list($id) = mysql_fetch_row($sql_id_check); 
    $id_check = mysql_num_rows($sql_id_check);
IF($active_result != "active"){

$error = "<font size='5'><b>That account has not been activated.  To do so, click <a href='activate.php?activationid=$activationid&id=$idcheck_result'>here</a>.</b></font>";

$subject = "Activation info.";
$emailbody = "
Your account has been activated.  You may now login <a href='http://www.****.com/login.php'>here</a>.  You will then have the ability to login, post assignments, test dates, and send emails to other members of the Social Studies staff.  Your login information is as follows:<br><br>USERNAME:  $_POST[username]<br>PASSWORD:  $_POST[password]<br><br>To change your password and update your information (i.e. phone number, email address, biography, etc...), you must Login, then click on 'Update Your Profile.'<br><br>If you have any questions whatsoever, feel free to email the department head <a href='mailto:***@***.org'>*****</a> or the <a href='mailto:********@ameritech.net'>webmaster</a>.<br>-------------------------------------------<br>This is an automatically generated email.  Please DO NOT respond.

";
$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=sio-8859-1\r\n";
$headers .= "FROM: ****@*****.com";
mail($_POST[email], $subject, $emailbody, $headers);
}elseif($active_result == "active"){
setcookie("id", $id, time()+604800);    
setcookie("username", $_POST[username], time()+604800);
setcookie("password", $pw, time()+604800);
    $error = "<font size='5'><b>Thank you for logging in!</b></font><br><font size='3'>You are being redirected...</font>";
    echo '<head><meta http-equiv="refresh" content="3;URL=admin.php"></head>';
}}elseif($user[0] <= 0){
    $error = "<font size='5'><b>Incorrect username or password!</b></font><br><font size='3'>You are being redirected...</font>";}}
echo "<head><meta http-equiv='refresh' content='3;URL=login.php'></head>";
    ?>
<style fprolloverstyle>A:hover {color: #000000; text-decoration: blink}
</style>
<body link="#000000" vlink="#000000" alink="#000000" bgcolor="#000000">
    <table border="0" width="100%" cellspacing="0" cellpadding="0" height="100%" id="table1" bgcolor="#FF7800">
    <tr>
        <td align="center"><? echo "$error"; ?></td>
    </tr>
</table>
</body>

?>

Posted: Tue Jan 04, 2005 9:38 pm
by John Cartwright
feyd wrote: please remember to quote your named array indices.
meaning things lie $_POST[user] should be $_POST["user"]

apply those changes to your code