Page 2 of 3

Posted: Mon Jul 03, 2006 12:12 pm
by RobertGonzalez
That entire segment of code has problems all over it. Try this one...

Code: Select all

<?php
if ( isset($_POST['submit']) ) { // Fixed the writing of the POST array var
        if ( empty($userid) ) { // Removed the '] from the end of user id and added a closing )
                header("Location: http://www.mysite.com/memberok.php"); // Always ue a full URL for header redirects
        } else {
                echo 'Login incorrect.';
        }
} 
?>
Try looking over the code and see what was done.

Posted: Fri Jul 07, 2006 5:08 pm
by 4Boredom
this stuff is still messed up..

Search coming soon...
Parse error: parse error, unexpected '?', expecting ',' or ')' in /home/i4boredo/public_html/login_success.php on line 3

Code: Select all

<?php 

if ( isset($_POST?['submit']) ) { 
        if ( empty($userid']) { 
                header("Location: memberok.php"); 
        } else { 
                echo 'Login incorrect.'; 
        } 
} 
?>
<form method="post" action="formTest.php">
Enter an Email: <input type="text" name="emailAddress" />
<input type="submit" name="submit" value="Submit Email Address" />
</form>

Posted: Fri Jul 07, 2006 10:12 pm
by RobertGonzalez
OK, look at your code, then look at my code. There is one key diffrence in the second if. Find it and fix it and you will be golden. I have done this for you twice already so I am leaving it up to you to find it this time. :wink:

Posted: Fri Jul 07, 2006 11:05 pm
by nickman013
I see a few errors, but the reason for the error your getting is this. (BTW, it is easy to spot errors when the color is different).
$_POST?['submit'])
No need for a question mark, and
if ( empty($userid'])
in between the () you are missing a quotation mark before $userid, there is no need for it also.

Posted: Sat Jul 08, 2006 12:47 am
by 4Boredom
awesome.. it was the userid part that was messed.... i hadent posted my fix on the other...

IT WORKS NOW THOUGH!

There is still a slight problem though... I have it set to say Hi, [first_name], welcome to the members section..... It just says Welcome, . and does not load my first name. Is the $session tag done wrong?

echo "Welcome, ". $_SESSION['first_name'] .". You are now in our exclusive 'Members Only' section.<br>";

heres the whole thing if u want it

Code: Select all

<?php 
/* start the session */ 
session_start(); 
require("header.php"); 
include 'login_success.php';

/* this prints at the top of the page. */ 
echo "Welcome, ". $_SESSION['first_name'] .". You are now in our exclusive 'Members Only' section.<br>"; 
 
/* always prints the logout page, just in case the user is done */ 
echo "<br><br><b><a href=logout.php>Logout</a><br>"; 
?>

Posted: Sat Jul 08, 2006 1:04 am
by nickman013
You need to store the first_name variable into a session.

Posted: Sat Jul 08, 2006 1:29 am
by 4Boredom
it is stored in my users database though...

so is there a different script other than session that I need to use to pull it up?

(sorry im a newb... im slowly catching on though)

Posted: Sat Jul 08, 2006 1:56 am
by 4Boredom
ok nevermind its not that code thats messed...

I have been testing stuff, and I typed in a wrong password and it still went thru to same screen..

therefore the problem must be in my authentification script?... I probably have this all effed up but atleast I know the messed is in here??? the memberok.php doesnt even matter cuz I know its not reading right.

http://www.4boredom.com/login.php is the page.... I type in a wrong PW and it still doesnt post the login incorrect?

login.php

Code: Select all

<?php 
session_start(); 
require("header.php"); ?>

<center>
<br><b>User Login</b><br>
<FORM ACTION="search.php" METHOD="post" name="loginform"> 
  <DIV ALIGN="justify"> 
    <TABLE WIDTH="50%" BORDER="0" ALIGN="center" CELLPADDING="4" CELLSPACING="0" align="center"> 
      <TR>  
        <TD WIDTH="22%">E-Mail Address</TD> 
        <TD WIDTH="78%"><INPUT name="email_address" TYPE="email_address" id="email_address"></TD> 
      </TR> 
      <TR>  
        <TD>Password</TD> 
        <TD><INPUT name="password" TYPE="password" id="password"></TD> 
      </TR> 
      <TR>  
        <TD> </TD> 
        <TD><INPUT TYPE="submit" name="Submit" VALUE="Submit"></TD> 
      </TR> 
    </TABLE> 
	</center>
  </DIV> 
</FORM> 
</BODY> 
</HTML>
search.php

Code: Select all

<?php 
session_start(); 

require("header.php"); 
include ("login_success.php");
include("db.php");
$_SESSION['first_name'] = $first_name; 


/* this prints at the top of the page. */ 
echo "Welcome, ". $first_name .". You are now in our exclusive 'Members Only' section.<br>"; 
 
/* always prints the logout page, just in case the user is done */ 
echo "<br><br><b><a href=logout.php>Logout</a><br>"; 
?>
</td></tr>
</table>



</center>
</body>

</html>
login_success.php

Code: Select all

<?php 
session_start(); 

if ( isset($_POST['submit']) ) { 
        if ( empty($userid)) { 
                header("Location: memberok.php"); 
        } else { 
                echo 'Login incorrect.'; 
        } 
} 
?>
[/url]

Posted: Sat Jul 08, 2006 4:41 pm
by RobertGonzalez
Where are you setting $first_name? It appears that you are either relying on register_globals setting it for you or you are assuming that the $_POST['first_name'] var will automatically read into the $first_name var? Unless you give the var $first_name a value, it will return an undefined variable notice and evaluate to false in your script.

Posted: Sun Jul 09, 2006 8:17 pm
by 4Boredom
I dont think I set it.... I really have no clue what im doing... I did this from a tutorial and am learning as I go

So what should I do? I tried to somewhat do this with the following?

$_SESSION['first_name'] = $first_name;

Its probably wrong though as most of my initial codes are lol

Posted: Sun Jul 09, 2006 8:24 pm
by dull1554

Code: Select all

<?php
//try this
if ( isset($_POST['submit']) ) {
        if ( empty($userid) {
                header("Location: memberok.php");
        } else {
                echo 'Login incorrect.';
        }
}
?>

Posted: Sun Jul 09, 2006 9:03 pm
by RobertGonzalez
I don't think that code is going to do it, dull1554. The code you posted checks for a form field called submit to see if it is set, the checks to see if the var $userid is empty and if it is, sends them to memberok.php (incorrectly, I should add... Use a full URL).

What I think is happening here is that you are using an old tutorial that is relying on register_globals being on. What you want to do is check to see if there is a form submitted, and if it is, use the fields in $_POST array to set your session vars (after checking them for validity).

I think Maugrim_the_Reaper created a Challenge/Response snippet in the code snippets forum in this community. Try looking that up and if it doesn't give you a point inthe right direction, post back. It is fairly simple to do, but there is some coding involved.

Posted: Sun Jul 09, 2006 9:20 pm
by 4Boredom
No... I am trying to read from a MySQL database not a form.

Also, what dull1554 posted, isnt what im looking for... I think I misportrayed it.

I am just looking to post variables in the database really. It will read their userid from their login info and I will be able to post whatever I want from their profile..

Ill look more in code snippets, but its probably something simple that I am missing and am just too inexperienced to be able to pick up.

I will look though and post back if I cant

Posted: Sun Jul 09, 2006 9:43 pm
by RobertGonzalez
4Boredom wrote:No... I am trying to read from a MySQL database not a form.
How does MySQL know what select?
4Boredom wrote:I am just looking to post variables in the database really. It will read their userid from their login info and I will be able to post whatever I want from their profile..
At some point, in order to do this, you will need to interact with a form. When the form is submitted you will need to capture the data sent by the form. Hence the need for the $_POST array. Once you read the $_POST array vars into regular vars, then you can do what you want with them. But you are going to be interacting with a form at some point because MySQL will not know what person's data you want unless the script tells it which person. That is usually done through a login script of some sort.

Posted: Thu Jul 13, 2006 2:55 am
by 4Boredom
ok i get the post thing to show... but its not even registering the login.... I can type a wrong pw and it goes thru (to same screen with no name given like as if i can typed right pw).....

So yea... with that code I gave, why isnt it registering my login?? ANyone know?