Page 3 of 6
Posted: Tue Oct 03, 2006 9:51 am
by volka
try
Code: Select all
<?php
error_reporting(E_ALL); ini_set('display_errors', true);
session_start();
if (isset($_SESSION['fusername'])) {
$display_block = $_SESSION['fusername'] . ', welcome to the secret page.';
}
else {
$display_block = 'error, there is no fusername in $_SESSION: <pre>'
. var_export($_SESSION, true) . '</pre>';
}
?>
<html>
<head>
<title>Secret Page</title>
</head>
<body>
<?php echo $display_block; ?>
</body>
</html>
Posted: Tue Oct 03, 2006 10:03 am
by Obadiah
WOOOT!!!!(obi does a WoW undead rocker dance) i fixed it
check it out....ok...i kinda went back to some old code...but for a good reason....i couldent figure out why the application wasnt recognizing the password....i sanitized it though and my new login script is this
Code: Select all
session_start();
include("functions_main.inc");
$table_name = "Customer";
$next_program = "Secretpage.php";
switch (@$_POST['Button'])
{
case "Login":
$cxn = Connect_to_db("Vars.inc");
$sql = "SELECT user_name FROM $table_name
WHERE user_name='$_POST[fusername]'";
$result = mysqli_query($cxn,$sql)
or die("Couldn't execute query 1");
$num = mysqli_num_rows($result);
if($num == 1)
{
$sql = "SELECT user_name FROM $table_name
WHERE user_name='".mysqli_real_escape_string($cxn,$_POST['fusername'])."'
AND password=md5('$_POST[fpassword]')";
$result2 = mysqli_query($cxn,$sql)
or die("Couldn't execute query 2.");
$row = mysqli_fetch_assoc($result2);
if($row)
{
$_SESSION['auth']="yes";
$_SESSION['logname'] = mysqli_real_escape_string($cxn,$_POST['fusername']);
header("Location: $next_program?user='.$user_name");
}
else
{
$message_1="The Login Name, '$_POST[fusername]'
exists, but you have not entered the
correct password! Please try again.<br>";
extract($_POST);
include("fields_login.inc");
include("double_form.inc");
}
}
elseif ($num == 0) // login name not found
{
$message_1 = "The User Name you entered does not
exist! Please try again.<br>";
include("fields_login.inc");
include("double_form.inc");
}
break;
then i wrote a couple of post because i couldent figure out why the script on the secret page wasnt allowing me to show the user logged in....then BAMM!!!...while i was looking over the code i came across this small block
Code: Select all
$_SESSION['auth']="yes";
$_SESSION['logname'] = mysqli_real_escape_string($cxn,$_POST['fusername']);
and then i thought to myself, "self" my self said, "hum", what if i do somethin like this in the code of the secret page
Code: Select all
<?php
session_start();
$display_block="$_SESSION[logname] welcome to the secret page";
?>
<html>
<head>
<title>Secret Page</title>
</head>
<body>
<?php echo $display_block; ?>
</body>
</html>
and it worked, i dont quite understand it though....if i changed session[logname] to reflect in the value of[fusername] why doesnt it work....or am i understanding it wrong? many thanx to volka and spacegoat for making the ole internal hamster get off his butt and start to run on the wheel
[edited]
i got another question going along the same lines and was wondering if you guys could help me out....now that i got the secret page to show the users name via logname would i go about the same way as for like showing other information
maybe writing something like this
Code: Select all
$sql = "SELECT address FROM $table_name
WHERE user_name=$_SESSION[logname]";
will something like that work....if not any ideas on cleaning it up will be greatly apprieciated

Posted: Tue Oct 03, 2006 10:15 am
by Obadiah
sorry volka...i caught your post after mine but i did try it out i got this as an error
error, there is no fusername in $_SESSION:
array (
'auth' => 'yes',
'logname' => 'Obadiah',
)
Posted: Thu Oct 05, 2006 9:38 am
by Obadiah
can anyone help me figure out why im getting an error here the error being given is
Parse error: parse error, unexpected T_LNUMBER in C:\Program Files\xampp\htdocs\Log_In\agent\index_new.php on line 4
here is my code
Code: Select all
<?php
session_start();//begins user session after login
$display_block .="//just a normal display block command
<table cellpadding="0" cellspacing="0" border="0" align="center" style="background:url(images/tall_main.gif);width:100%; height:100% ">
<tr>
<td valign="top" width="100%" height="100%" align="center" style="background:URL(images/tall_x.gif); background-position:top; background-repeat:repeat-x;">
<table cellpadding="0" cellspacing="0" border="0" align="center">
<tr>
<td valign="top" width="716" height="685">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="716" height="25"></td>
</tr>
<tr>
<td valign="top" width="716" height="302" style="background:URL(images/header.gif) ">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="16" height="302"></td>
<td valign="top" width="684" height="302"><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="684" height="302">
<param name="movie" value="Flash/header2.swf">
<param name="quality" value="high">
<embed src="Flash/header2.swf" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" width="684" height="302"></embed>
</object></td>
<td valign="top" width="16" height="302"></td>
</tr>
</table>
</td>
</tr>
<tr>
<td valign="top" width="716" height="307">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="716" height="5"><img src="images/top.gif" alt=""></td>
</tr>
<tr>
<td valign="top" width="716" height="302" style="background:URL(images/tall_y.gif) ">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="16" height="302"></td>
<td valign="top" width="208" height="302">
<div style="padding-left:17px; padding-top:20px ">$_SESSION[logname] welcome to the secret page!</div>
<div style="padding-left:22px; padding-top:19px "><img src="images/2_p1.gif" alt=""></div>
<div style="padding-left:22px; padding-top:12px; padding-right:10px " class="main">
<strong>Agreement</strong> </div>
<div style="padding-left:22px; padding-top:5px; padding-right:10px " class="main">
<img src="images/marcer_green.gif" alt="">
<a href="U_Construct/index.htm" class="green"> ISC Agreement</a><br>
<img src="images/marcer_green.gif" alt="">
<a href="U_Construct/index.htm" class="green">Your Schedule (A) Pricing</a><br>
<img src="images/marcer_green.gif" alt="">
<a href="U_Construct/index.htm" class="green">Your Additional Services Pricing</a>
</div>
<div style="padding-left:22px; padding-top:14px "><img src="images/hl.gif" alt=""></div>
<div style="padding-left:115px; padding-top:11px "><a href="#" class="green" style="text-decoration:none "></div> </td>
<td valign="top" width="476" height="302">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="476" height="63">
<div style="padding-left:21px; padding-top:18px "><img src="images/2_w2.gif" alt=""></div>
</td>
</tr>
<tr>
<td valign="top" width="476" height="73">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="265" height="73">
<div style="padding-left:20px; padding-top:0px ">
<img src="images/2_p2.gif" alt="" align="left" style="margin-right:19px ">
<div style="padding-left:0px; padding-top:2px; padding-right:10px " class="main"><a href="U_Construct/index.htm" class="green"><strong>Online Merchant Status</strong> </a></div>
<div style="padding-left:0px; padding-top:4px; padding-right:10px " class="main">View your merchant's, and personal account online status. </div>
</div>
</td>
<td valign="top" width="211" height="73">
<div style="padding-left:0px; padding-top:0px ">
<img src="images/2_p3.gif" alt="" align="left" style="margin-right:19px ">
<div style="padding-left:0px; padding-top:2px; padding-right:10px " class="main"><a href="U_Construct/index.htm" class="green"><strong>Residual Tracking</strong> </a></div>
<div style="padding-left:0px; padding-top:4px; padding-right:10px " class="main">Click here to view online, up-to-date residual reports </div>
</div>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td valign="top" width="476" height="59">
<div style="padding-left:21px; padding-top:15px "><img src="images/2_w3.gif" alt=""></div>
</td>
</tr>
<tr>
<td valign="top" width="476" height="107">
<div style="padding-left:21px; padding-top:0px ">
<img src="images/2_p4.gif" alt="" align="right" style="margin-right:15px; margin-left:20px ">
<div style="padding-left:0px; padding-top:0px; padding-right:10px " class="main"><strong>Industry Insider -</strong> Welcome to Merchant Management Systems Agent! Coming soon the ability to access your rep account, and residual reports online.</div>
<div class="main" style="padding-left:0px; padding-top:8px "><img src="images/marcer_green.gif" alt=""><a href="U_Construct/index.htm" class="green">How
to sharpen your sales game.</a> Tips from the Master</div>
<div style="padding-left:0px; padding-top:1px "><img src="images/marcer_green.gif" alt=""><a href="U_Construct/index.htm" class="green">Coming Soon!</a></div>
<div style="padding-left:228px; padding-top:8px "><a href="#" class="green" style="text-decoration:none "> </div>
</td>
</tr>
</table>
</td>
<td valign="top" width="16" height="302"></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td valign="top" width="716" height="51" style="background:URL(images/footer.gif) ">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="241" height="51" class="policy"><div style="padding-left:33px; padding-top:5px "><a href="index-6.html" class="policy">
Merchant Management Systems<br>
is A Registered ISO/MSP of<br>
Merrick Bank, South Jordan, UT
</a></div></td>
<td valign="top" width="475" height="51">
<div style="padding-left:0px; padding-top:5px " class="main">
© 2005 Merchant Management
Systems, Inc. All Rights
Reserved | <a href="index-1.html" class="main">Privacy
Policy</a><br><br>
MMS is a registered trademark of
Merchant Management Systems Inc.
</div>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
";// closing display block
?>
<html>
<head>
<title>Secret Page</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<?php echo $display_block; ?>
</body>
</html>
is this not allowed?
Posted: Thu Oct 05, 2006 9:41 am
by volka
The syntax highlighter here displays string literals in red color. So where does the string end?
Code: Select all
$display_block .="//just a normal display block command
<table cellpadding="0" cellspacing="0" border="0" align="center"
and why?
Posted: Thu Oct 05, 2006 9:51 am
by Obadiah
volka wrote:The syntax highlighter here displays string literals in red color. So where does the string end?
Code: Select all
$display_block .="//just a normal display block command
<table cellpadding="0" cellspacing="0" border="0" align="center"
and why?
the comment
//just a normal display block command
i just put in there while posting it here, and the display block doesn't end until the last </table> tag.....did i use the display block in the wrong way? lol....why do i get the feeling like im not answering your question correctly?
Posted: Thu Oct 05, 2006 9:53 am
by volka
no,<table is still red.
Posted: Thu Oct 05, 2006 10:00 am
by Obadiah
Obadiah wrote:can anyone help me figure out why im getting an error here the error being given is
Parse error: parse error, unexpected T_LNUMBER in C:\Program Files\xampp\htdocs\Log_In\agent\index_new.php on line 4
here is my code
Code: Select all
<?php
session_start();//begins user session after login
$display_block .="
<table cellpadding="0" cellspacing="0" border="0" align="center" style="background:url(images/tall_main.gif);width:100%; height:100% ">
<tr>
<td valign="top" width="100%" height="100%" align="center" style="background:URL(images/tall_x.gif); background-position:top; background-repeat:repeat-x;">
<table cellpadding="0" cellspacing="0" border="0" align="center">
<tr>
<td valign="top" width="716" height="685">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="716" height="25"></td>
</tr>
<tr>
<td valign="top" width="716" height="302" style="background:URL(images/header.gif) ">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="16" height="302"></td>
<td valign="top" width="684" height="302"><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="684" height="302">
<param name="movie" value="Flash/header2.swf">
<param name="quality" value="high">
<embed src="Flash/header2.swf" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" width="684" height="302"></embed>
</object></td>
<td valign="top" width="16" height="302"></td>
</tr>
</table>
</td>
</tr>
<tr>
<td valign="top" width="716" height="307">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="716" height="5"><img src="images/top.gif" alt=""></td>
</tr>
<tr>
<td valign="top" width="716" height="302" style="background:URL(images/tall_y.gif) ">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="16" height="302"></td>
<td valign="top" width="208" height="302">
<div style="padding-left:17px; padding-top:20px ">$_SESSION[logname] welcome to the secret page!</div>
<div style="padding-left:22px; padding-top:19px "><img src="images/2_p1.gif" alt=""></div>
<div style="padding-left:22px; padding-top:12px; padding-right:10px " class="main">
<strong>Agreement</strong> </div>
<div style="padding-left:22px; padding-top:5px; padding-right:10px " class="main">
<img src="images/marcer_green.gif" alt="">
<a href="U_Construct/index.htm" class="green"> ISC Agreement</a><br>
<img src="images/marcer_green.gif" alt="">
<a href="U_Construct/index.htm" class="green">Your Schedule (A) Pricing</a><br>
<img src="images/marcer_green.gif" alt="">
<a href="U_Construct/index.htm" class="green">Your Additional Services Pricing</a>
</div>
<div style="padding-left:22px; padding-top:14px "><img src="images/hl.gif" alt=""></div>
<div style="padding-left:115px; padding-top:11px "><a href="#" class="green" style="text-decoration:none "></div> </td>
<td valign="top" width="476" height="302">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="476" height="63">
<div style="padding-left:21px; padding-top:18px "><img src="images/2_w2.gif" alt=""></div>
</td>
</tr>
<tr>
<td valign="top" width="476" height="73">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="265" height="73">
<div style="padding-left:20px; padding-top:0px ">
<img src="images/2_p2.gif" alt="" align="left" style="margin-right:19px ">
<div style="padding-left:0px; padding-top:2px; padding-right:10px " class="main"><a href="U_Construct/index.htm" class="green"><strong>Online Merchant Status</strong> </a></div>
<div style="padding-left:0px; padding-top:4px; padding-right:10px " class="main">View your merchant's, and personal account online status. </div>
</div>
</td>
<td valign="top" width="211" height="73">
<div style="padding-left:0px; padding-top:0px ">
<img src="images/2_p3.gif" alt="" align="left" style="margin-right:19px ">
<div style="padding-left:0px; padding-top:2px; padding-right:10px " class="main"><a href="U_Construct/index.htm" class="green"><strong>Residual Tracking</strong> </a></div>
<div style="padding-left:0px; padding-top:4px; padding-right:10px " class="main">Click here to view online, up-to-date residual reports </div>
</div>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td valign="top" width="476" height="59">
<div style="padding-left:21px; padding-top:15px "><img src="images/2_w3.gif" alt=""></div>
</td>
</tr>
<tr>
<td valign="top" width="476" height="107">
<div style="padding-left:21px; padding-top:0px ">
<img src="images/2_p4.gif" alt="" align="right" style="margin-right:15px; margin-left:20px ">
<div style="padding-left:0px; padding-top:0px; padding-right:10px " class="main"><strong>Industry Insider -</strong> Welcome to Merchant Management Systems Agent! Coming soon the ability to access your rep account, and residual reports online.</div>
<div class="main" style="padding-left:0px; padding-top:8px "><img src="images/marcer_green.gif" alt=""><a href="U_Construct/index.htm" class="green">How
to sharpen your sales game.</a> Tips from the Master</div>
<div style="padding-left:0px; padding-top:1px "><img src="images/marcer_green.gif" alt=""><a href="U_Construct/index.htm" class="green">Coming Soon!</a></div>
<div style="padding-left:228px; padding-top:8px "><a href="#" class="green" style="text-decoration:none "> </div>
</td>
</tr>
</table>
</td>
<td valign="top" width="16" height="302"></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td valign="top" width="716" height="51" style="background:URL(images/footer.gif) ">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td valign="top" width="241" height="51" class="policy"><div style="padding-left:33px; padding-top:5px "><a href="index-6.html" class="policy">
Merchant Management Systems<br>
is A Registered ISO/MSP of<br>
Merrick Bank, South Jordan, UT
</a></div></td>
<td valign="top" width="475" height="51">
<div style="padding-left:0px; padding-top:5px " class="main">
© 2005 Merchant Management
Systems, Inc. All Rights
Reserved | <a href="index-1.html" class="main">Privacy
Policy</a><br><br>
MMS is a registered trademark of
Merchant Management Systems Inc.
</div>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
";
?>
<html>
<head>
<title>Secret Page</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<?php echo $display_block; ?>
</body>
</html>
is this not allowed?
Posted: Thu Oct 05, 2006 10:01 am
by volka
volka wrote:The syntax highlighter here displays string literals in red color. So where does the string end?
Code: Select all
$display_block .="//just a normal display block command
<table cellpadding="0" cellspacing="0" border="0" align="center"
and why?
Posted: Thu Oct 05, 2006 10:04 am
by Obadiah
lol...i thought i hit edit....sorry about that volka....are you saying that somewhere in the html there is a loose (")?
Posted: Thu Oct 05, 2006 10:06 am
by volka
Why does the highlighter print def in black?
Code: Select all
$display_block .="//just a normal display block command
<table cellpadding="0" cellspacing="0" border="0" align="center"
Why does it print the 0 after cellpadding in black?
Posted: Thu Oct 05, 2006 10:13 am
by Obadiah
i dont have a php editor....but the only reason i can give you is that the string ends....def is not part of that original string if you did something like this it would be valid
i think...ok....so your saying to take out all the quotes in the html given in the display tag?
Posted: Thu Oct 05, 2006 10:16 am
by volka
No, you want the quotes in the html output.
Code: Select all
<?php
echo "abc\"def"; // valid
echo 'abc"def'; // valid
?>
Posted: Thu Oct 05, 2006 10:31 am
by Luke
Yea you have to escape quotes within quotes... otherwise the string ends at cellpadding=
Code: Select all
$display_block .="//just a normal display block command
<table cellpadding="0" cellspacing="0" border="0" align="center"
As for a PHP editor... syntax highlighting will prevent 99% of parse errors... here's a free one that's pretty decent:
http://crimsoneditor.com/
Posted: Thu Oct 05, 2006 10:47 am
by Obadiah

i should have known that....ok...now i get an error for this line
Code: Select all
<div style=\"padding-left:17px; padding-top:20px;\">$_SESSION[logname] welcome to the secret page!</div>
\\ and i also tried it this way
<?php echo "$_SESSION[logname] welcome to the secret page!";?>
and the kicker is yesterday and today when i run this script
Code: Select all
<?php
session_start();
$display_block="$_SESSION[logname] welcome to the secret page";
?>
<html>
<head>
<title>Secret Page</title>
</head>
<body>
<?php echo $display_block; ?>
</body>
</html>
it works fine....since the coding for the 2 pages are different is there another way i can go about this?