Page 1 of 2
[solved]--get() almost working[edited]!?!--[solved]
Posted: Thu Aug 24, 2006 4:23 pm
by Obadiah
ok...im finished with the whole login/registration shpeal of my project and now im wanting to start personalizing some of the pages for some of the users who enters the site...so what i do is research a simple get/post online and try to follow what scottayy replied back to me...at the time it didnt make mych sence but now i kind of get it...but here is the problem im having....after the user logs in the way i have it set up to work is that their name should appear on the page and on a link and niether of them work and i cant figure out why. here is a sample from one of the links
Code: Select all
<a href="U_Construct/index.htm" class="green"><?php echo $_POST['fusername']?> ISC Agreement</a>
does anyone know what i may be doing wrong?
Re: get() not working!!!
Posted: Thu Aug 24, 2006 6:16 pm
by Christopher
If you want to show user data after the user has logged-in, save it in the session upon login and then do something like
Code: Select all
<a href="U_Construct/index.htm" class="green"><?php echo $_SESSION['user']['fusername']?> ISC Agreement</a>
Posted: Thu Aug 24, 2006 6:18 pm
by daedalus__
Does $_POST['fusername'] exist?
You might also separate $_POST['fusername'] and ?>
How about the whole script?
Posted: Fri Aug 25, 2006 8:25 am
by Obadiah
i was afraid to post the entire script since the login consist of three files not including the webpage it needs to post to, one file is just gui, another has the functions, and arrays and then theirs the main file that ties it all together....here is the main file
Code: Select all
<?php
/* Program: Login.php
* Desc: Main application script for the User Login
* application. It provides two options: (1) login
* using an existing User Name and (2) register
* a new user name. User Names and passwords are
* stored in a MySQL database.
*/
session_start();
include("functions_main.inc");
$table_name = "Customer";
$next_program = "../Log_In/agent/index_new.htm";
switch (@$_POST['Button'])
{
case "Login":
$cxn = Connect_to_db("Vars.inc");
$sql = "SELECT user_name FROM $table_name
WHERE user_name='$_POST[fusername]'";
$result = mysqli_query($cxn,$sql)
or die("Couldn't execute query 1");
$num = mysqli_num_rows($result);
if($num == 1)
{
$sql = "SELECT user_name FROM $table_name
WHERE user_name='$_POST[fusername]'
AND password=md5('$_POST[fpassword]')";
$result2 = mysqli_query($cxn,$sql)
or die("Couldn't execute query 2.");
$row = mysqli_fetch_assoc($result2);
if($row)
{
$_SESSION['auth']="yes";
$_SESSION['logname'] = $_POST['fusername'];
header("Location: $next_program");
}
else
{
$message_1="The Login Name, '$_POST[fusername]'
exists, but you have not entered the
correct password! Please try again.<br>";
extract($_POST);
include("fields_login.inc");
include("double_form.inc");
}
}
elseif ($num == 0) // login name not found
{
$message_1 = "The User Name you entered does not
exist! Please try again.<br>";
include("fields_login.inc");
include("double_form.inc");
}
break;
case "Register":
/* Check for blanks */
foreach($_POST as $field => $value)
{
if ($field != "fax")
{
if ($value == "")
{
$blanks[] = $field;
}
}
}
if(isset($blanks))
{
$message_2 = "The following fields are blank.
Please enter the required information: ";
foreach($blanks as $value)
{
$message_2 .="$value, ";
}
extract($_POST);
include("fields_login.inc");
include("double_form.inc");
exit();
}
/* validate data */
foreach($_POST as $field => $value)
{
if(!empty($value))
{
if(eregi("name",$field) and
!eregi("user",$field) and !eregi("log",$field))
{
if (!ereg("^[A-Za-z' -]{1,50}$",$value))
{
$errors[] = "$value is not a valid name.";
}
}
if(eregi("street",$field)or eregi("addr",$field) or
eregi("city",$field))
{
if(!ereg("^[A-Za-z0-9.,' -]{1,50}$",$value))
{
$errors[] = "$value is not a valid address
or city.";
}
}
if(eregi("state",$field))
{
if(!ereg("[A-Za-z]",$value))
{
$errors[] = "$value is not a valid state.";
}
}
if(eregi("email",$field))
{
if(!ereg("^.+@.+\\..+$",$value))
{
$errors[] = "$value is not a valid email
address.";
}
}
if(eregi("zip",$field))
{
if(!ereg("^[0-9]{5,5}(\-[0-9]{4,4})?$",$value))
{
$errors[] = "$value is not a valid zipcode.";
}
}
if(eregi("phone",$field) or eregi("fax",$field))
{
if(!ereg("^[0-9)(xX -]{7,20}$",$value))
{
$errors[] = "$value is not a valid phone
number. ";
}
}
}
}
foreach($_POST as $field => $value)
{
if($field != "Button")
{
if($field == "password")
{
$password = strip_tags(trim($value));
}
else
{
$fields[]=$field;
$value = strip_tags(trim($value));
$values[] = addslashes($value);
$$field = $value;
}
}
}
if(@is_array($errors))
{
$message_2 = "";
foreach($errors as $value)
{
$message_2 .= $value." Please try again<br />";
}
include("fields_login.inc");
include("double_form.inc");
exit();
}
$user_name = $_POST['user_name'];
/* check to see if user name already exists */
$cxn = Connect_to_db("Vars.inc");
$sql = "SELECT user_name FROM $table_name
WHERE user_name='$user_name'";
$result = mysqli_query($cxn,$sql)
or die("Couldn't execute query.");
$num = mysqli_num_rows($result);
if ($num > 0)
{
$message_2 = "$user_name already used. Select another
User Name.";
include("fields_login.inc");
include("double_form.inc");
exit();
}
else
{
$today = date("Y-m-d");
$fields_str = implode(",",$fields);
$values_str = implode('","',$values);
$fields_str .=",create_date";
$values_str .='"'.",".'"'.$today;
$fields_str .=",password";
$values_str .= '"'.","."md5"."('".$password."')";
$sql = "INSERT INTO $table_name ";
$sql .= "(".$fields_str.")";
$sql .= " VALUES ";
$sql .= "(".'"'.$values_str.")";
mysqli_query($cxn,$sql) or die(mysqli_error($cxn));
$_SESSION['auth']="yes";
$_SESSION['logname'] = $user_name;
/* send email to new Customer */
$emess = "You have successfully registered. ";
$emess .= "Your new user name and password are: ";
$emess .= "\n\n\t$user_name\n\t";
$emess .= "password\n\n";
$emess .= "We appreciate your interest. \n\n";
$emess .= "If you have any questions or problems,";
$emess .= " email service@ourstore.com";
$subj = "Your new customer registration";
#$mailsend=mail("$email","$subj","$emess");
header("Location: $next_program");
}
break;
default:
include("fields_login.inc");
include("double_form.inc");
}
?>
and here is the html file im trying to post personal information to from the database that that file is storing to
Code: Select all
<html>
<head>
<title>Welcome to OnlineWithMMS - Agent</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<table cellpadding="0" cellspacing="0" border="0" align="center" style="background:url(images/tall_main.gif);width:100%; height:100% ">
<tr>
<td valign="top" width="100%" height="100%" align="center" style="background:URL(images/tall_x.gif); background-position:top; background-repeat:repeat-x;">
<table cellpadding="0" cellspacing="0" border="0" align="center">
<tr>
<td valign="top" width="716" height="685">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="716" height="25"></td>
</tr>
<tr>
<td valign="top" width="716" height="302" style="background:URL(images/header.gif) ">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="16" height="302"></td>
<td valign="top" width="684" height="302"><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="684" height="302">
<param name="movie" value="Flash/header2.swf">
<param name="quality" value="high">
<embed src="Flash/header2.swf" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" width="684" height="302"></embed>
</object></td>
<td valign="top" width="16" height="302"></td>
</tr>
</table>
</td>
</tr>
<tr>
<td valign="top" width="716" height="307">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="716" height="5"><img src="images/top.gif" alt=""></td>
</tr>
<tr>
<td valign="top" width="716" height="302" style="background:URL(images/tall_y.gif) ">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="16" height="302"></td>
<td valign="top" width="208" height="302">
<div style="padding-left:17px; padding-top:20px "><img src="images/2_w1.gif" alt=""></div>
<div style="padding-left:22px; padding-top:19px "><img src="images/2_p1.gif" alt=""></div>
<div style="padding-left:22px; padding-top:12px; padding-right:10px " class="main">
<strong>Agreement</strong> </div>
<div style="padding-left:22px; padding-top:5px; padding-right:10px " class="main">
<img src="images/marcer_green.gif" alt="">
<a href="U_Construct/index.htm" class="green"><?php echo $_POST['fusername']?> ISC Agreement</a><br>
<!--the echo sample is above this line-->
<img src="images/marcer_green.gif" alt="">
<a href="U_Construct/index.htm" class="green">Your Schedule (A) Pricing</a><br>
<img src="images/marcer_green.gif" alt="">
<a href="U_Construct/index.htm" class="green">Your Additional Services Pricing</a>
</div>
<div style="padding-left:22px; padding-top:14px "><img src="images/hl.gif" alt=""></div>
<div style="padding-left:115px; padding-top:11px "><a href="#" class="green" style="text-decoration:none "></div> </td>
<td valign="top" width="476" height="302">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="476" height="63">
<div style="padding-left:21px; padding-top:18px "><img src="images/2_w2.gif" alt=""></div>
</td>
</tr>
<tr>
<td valign="top" width="476" height="73">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="265" height="73">
<div style="padding-left:20px; padding-top:0px ">
<img src="images/2_p2.gif" alt="" align="left" style="margin-right:19px ">
<div style="padding-left:0px; padding-top:2px; padding-right:10px " class="main"><a href="U_Construct/index.htm" class="green"><strong>Online Merchant Status</strong> </a></div>
<div style="padding-left:0px; padding-top:4px; padding-right:10px " class="main">View your merchant's, and personal account online status. </div>
</div>
</td>
<td valign="top" width="211" height="73">
<div style="padding-left:0px; padding-top:0px ">
<img src="images/2_p3.gif" alt="" align="left" style="margin-right:19px ">
<div style="padding-left:0px; padding-top:2px; padding-right:10px " class="main"><a href="U_Construct/index.htm" class="green"><strong>Residual Tracking</strong> </a></div>
<div style="padding-left:0px; padding-top:4px; padding-right:10px " class="main">Click here to view online, up-to-date residual reports </div>
</div>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td valign="top" width="476" height="59">
<div style="padding-left:21px; padding-top:15px "><img src="images/2_w3.gif" alt=""></div>
</td>
</tr>
<tr>
<td valign="top" width="476" height="107">
<div style="padding-left:21px; padding-top:0px ">
<img src="images/2_p4.gif" alt="" align="right" style="margin-right:15px; margin-left:20px ">
<div style="padding-left:0px; padding-top:0px; padding-right:10px " class="main"><strong>Industry Insider -</strong> Welcome to Merchant Management Systems Agent! Coming soon the ability to access your rep account, and residual reports online.</div>
<div class="main" style="padding-left:0px; padding-top:8px "><img src="images/marcer_green.gif" alt=""><a href="U_Construct/index.htm" class="green">How
to sharpen your sales game.</a> Tips from the Master</div>
<div style="padding-left:0px; padding-top:1px "><img src="images/marcer_green.gif" alt=""><a href="U_Construct/index.htm" class="green">Coming Soon!</a></div>
<div style="padding-left:228px; padding-top:8px "><a href="#" class="green" style="text-decoration:none "> </div>
</td>
</tr>
</table>
</td>
<td valign="top" width="16" height="302"></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td valign="top" width="716" height="51" style="background:URL(images/footer.gif) ">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="241" height="51" class="policy"><div style="padding-left:33px; padding-top:5px "><a href="index-6.html" class="policy">
Merchant Management Systems<br>
is A Registered ISO/MSP of<br>
Merrick Bank, South Jordan, UT
</a></div></td>
<td valign="top" width="475" height="51">
<div style="padding-left:0px; padding-top:5px " class="main">
© 2005 Merchant Management
Systems, Inc. All Rights
Reserved | <a href="index-1.html" class="main">Privacy
Policy</a><br><br>
MMS is a registered trademark of
Merchant Management Systems Inc.
</div>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>
in addition to certain fields in the database like fusername im wanting to also pull files that also need to be classified via user_name(user_name being my primary key field) how can i go about this and how can i fix what seems to be the headache of a problem that i created by getting this stupid get() to work?
Posted: Fri Aug 25, 2006 11:33 am
by Obadiah
wait....i just think i got it...what did you mean about save it in the session...are you talking about the database...how do i save info in the session?
Posted: Fri Aug 25, 2006 11:55 am
by RobertGonzalez
$_POST is an array that stores information from a form to the page the form was posted to. After that page, if there is no form posting, the $_POST array is empty. You need to take the posted information and store it into a session (or cookie, but sessions are better) for use throughout the site.
And I would recommend ditching the error suppression operators ('@') throughout your script. They are not really doing anything except slowing it down.
Posted: Mon Aug 28, 2006 3:20 pm
by Obadiah
closer still guys but no bag or box of candy cigars for me yet but heres something i did thats a little cool although im not quite sure what im doing or how too implement it further same rules as the first but with small changes...ill just note the changes
Code: Select all
if($row)
{
$_SESSION['auth']="yes";
$_SESSION['logname'] = $_POST['fusername'];
header("Location: $next_program?user='.$user_name");// does not show the redirect in the browser
}
else
{
$message_1="The Login Name, '$_POST[fusername]'
exists, but you have not entered the
correct password! Please try again.<br>";
extract($_POST);
include("fields_login.inc");
include("double_form.inc");
}
and
Code: Select all
if ($num > 0)
{
$message_2 = "$user_name already used. Select another
User Name.";
include("fields_login.inc");
include("double_form.inc");
exit();
}
else
{
$today = date("Y-m-d");
$fields_str = implode(",",$fields);
$values_str = implode('","',$values);
$fields_str .=",create_date";
$values_str .='"'.",".'"'.$today;
$fields_str .=",password";
$values_str .= '"'.","."md5"."('".$password."')";
$sql = "INSERT INTO $table_name ";
$sql .= "(".$fields_str.")";
$sql .= " VALUES ";
$sql .= "(".'"'.$values_str.")";
mysqli_query($cxn,$sql) or die(mysqli_error($cxn));
$_SESSION['auth']="yes";
$_SESSION['logname'] = $user_name;
/* send email to new Customer */
$emess = "You have successfully registered. ";
$emess .= "Your new user name and password are: ";
$emess .= "\n\n\t$user_name\n\t";
$emess .= "password\n\n";
$emess .= "We appreciate your interest. \n\n";
$emess .= "If you have any questions or problems,";
$emess .= " email service@ourstore.com";
$subj = "Your new customer registration";
#$mailsend=mail("$email","$subj","$emess");
header("Location: $next_program?user='.$user_name");// shows the redirect in the browser
}
}
?>
what is the difference?...i cant figure it out, both header() methods contain the same lines of code but only one will show the psudo redirect in the browser....and if thats a indication of a possibility that my program is working or that im getting closer what do i do now
here is my html code...i added a bit more php to it but to no avail as its still not posting any information that i need it to post...any further help either through fustrated flaming or knowlede via anvil to the head

would be greatly appriciated...sorry again if im fustrating you guys you can see the program and part of my company's website at work
here ok....just for reiteration whenever you register...it will show your name in the browser but when you login afterwards it nolonger shows the redirect
Code: Select all
<html>
<head>
<title>Welcome to OnlineWithMMS - Agent</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<?php
session_start();
include("../../php/functions_main.inc");
$table_name = "Customer";
$user_name = $_GET['user_name']
?>
<a href="U_Construct/index.htm" class="green"><?php echo $_POST['user_name']?> ISC Agreement</a><br>
Posted: Tue Aug 29, 2006 8:26 am
by Obadiah
cmon guys....i know im down to
one line...somebody jump on it.....why does one header include the user inside the browser and the other dosent....why cant i pull the info from the database, i started the session and placed my get and post respectively...im so close to having this stupid project done i can taste it

Posted: Tue Sep 05, 2006 2:48 pm
by Obadiah
id like to post a duplicate of this one but i better not...but has anyone figured out why one line workes and the other dosent....what am i not doing to get the post working correctly?
Posted: Thu Sep 07, 2006 10:54 am
by Obadiah
ok, since noone wants to answer me about those questions what if in my connection file i place a like like
Code: Select all
$get_list = "select id, concat_ws(',',username) as display_name from master_name"
will this work?
Posted: Fri Sep 08, 2006 2:50 pm
by RobertGonzalez
Obadiah wrote:id like to post a duplicate of this one but i better not...but has anyone figured out why one line workes and the other dosent....what am i not doing to get the post working correctly?
You need to change your code to not start the session after output to the browser.
Show which line is working through which line is not, and make sure to post all relevent custom functions and such.
Posted: Fri Sep 08, 2006 4:14 pm
by Obadiah
so your saying to place my php code right before the last body tag right?
and you asked me to show which one is not going through but i already posted it...if we are on the same page ill post it again though just to make sure
Obadiah wrote:closer still guys but no bag or box of candy cigars for me yet but heres something i did thats a little cool although im not quite sure what im doing or how too implement it further same rules as the first but with small changes...ill just note the changes
Code: Select all
if($row)
{
$_SESSION['auth']="yes";
$_SESSION['logname'] = $_POST['fusername'];
header("Location: $next_program?user='.$user_name");// does not show the redirect in the browser
}
else
{
$message_1="The Login Name, '$_POST[fusername]'
exists, but you have not entered the
correct password! Please try again.<br>";
extract($_POST);
include("fields_login.inc");
include("double_form.inc");
}
and
Code: Select all
if ($num > 0)
{
$message_2 = "$user_name already used. Select another
User Name.";
include("fields_login.inc");
include("double_form.inc");
exit();
}
else
{
$today = date("Y-m-d");
$fields_str = implode(",",$fields);
$values_str = implode('","',$values);
$fields_str .=",create_date";
$values_str .='"'.",".'"'.$today;
$fields_str .=",password";
$values_str .= '"'.","."md5"."('".$password."')";
$sql = "INSERT INTO $table_name ";
$sql .= "(".$fields_str.")";
$sql .= " VALUES ";
$sql .= "(".'"'.$values_str.")";
mysqli_query($cxn,$sql) or die(mysqli_error($cxn));
$_SESSION['auth']="yes";
$_SESSION['logname'] = $user_name;
/* send email to new Customer */
$emess = "You have successfully registered. ";
$emess .= "Your new user name and password are: ";
$emess .= "\n\n\t$user_name\n\t";
$emess .= "password\n\n";
$emess .= "We appreciate your interest. \n\n";
$emess .= "If you have any questions or problems,";
$emess .= " email service@ourstore.com";
$subj = "Your new customer registration";
#$mailsend=mail("$email","$subj","$emess");
header("Location: $next_program?user='.$user_name");// shows the redirect in the browser
}
}
?>
what is the difference?...i cant figure it out, both header() methods contain the same lines of code but only one will show the psudo redirect in the browser....and if thats a indication of a possibility that my program is working or that im getting closer what do i do now
here is my html code...i added a bit more php to it but to no avail as its still not posting any information that i need it to post...any further help either through fustrated flaming or knowlede via anvil to the head

would be greatly appriciated...sorry again if im fustrating you guys you can see the program and part of my company's website at work
here ok....just for reiteration whenever you register...it will show your name in the browser but when you login afterwards it nolonger shows the redirect
im sorry everah if im not on the same page...but it seems as though im sop close to figuring this stupid thing out...and im trying my best to understand what you guys are saying
Posted: Fri Sep 08, 2006 6:18 pm
by RobertGonzalez
Ok, so you are saying that the second
header() call does redirect the user to the page specified in the header call, right? (On a side note, use full URI's in the header call when redirecting, and follow it by a call to exit;).
Here is the code that you say is not working...
Code: Select all
if($row)
{
$_SESSION['auth']="yes";
$_SESSION['logname'] = $_POST['fusername'];
header("Location: $next_program?user='.$user_name");// does not show the redirect in the browser
}
else
{
$message_1="The Login Name, '$_POST[fusername]'
exists, but you have not entered the
correct password! Please try again.<br>";
extract($_POST);
include("fields_login.inc");
include("double_form.inc");
}
The only way the call to header is going to fire is if $row evaluates to true. Is $row evaluating to true?
Posted: Mon Sep 11, 2006 8:42 am
by Obadiah
it should be....from what i understand the else test if the username and password are stored in the database....if not then it will give an error message and if so it allows the user to go to the next page....i just looked at something....maybe you should take a look at it....
this is the page....if you can first register....when you look in the browser you will see your username apearing as last in the string...then just log in regularly...it dosent...it does the whole redirect thing but the name dosent appear...why?
Posted: Mon Sep 11, 2006 2:04 pm
by Rooster242
are you sure this line is working?
Code: Select all
$values_str .= '"'.","."md5"."('".$password."')";
shouldn't it be something like
Code: Select all
$values_str .= '"'.",".md5($password);
after registering a user, look in the database and make sure the password is hashed correctly.