Page 1 of 1

Please check the misstake and correct the class

Posted: Thu Oct 19, 2006 2:38 am
by asadrafiq
JayBird | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Hello guys I have a problem in this code i fail to login. Some one please find out any mistake the please correct it

[b]Sentry.php class[/b]

Code: Select all

<?php
class sentry {
	
	var $loggedin = false;	
	var $userdata;			
	
	function sentry(){
		session_start();
		header("Cache-control: private"); 
	}
	
	function logout(){
		unset($this->userdata);
		session_destroy();
		return true;
	}

	function checkLogin($user = '',$pass = '',$group = 10,$goodRedirect = '',$badRedirect = ''){


		require_once('DbConnector.php');
		require_once('Validator.php');
		$validate = new Validator();
		$loginConnector = new DbConnector();
		

		if ($_SESSION['user'] && $_SESSION['pass']){


			if (!$validate->validateTextOnly($_SESSION['user'])){return false;}
			if (!$validate->validateTextOnly($_SESSION['pass'])){return false;}

			$getUser = $loginConnector->query("SELECT * FROM cmsusers WHERE user = '".$_SESSION['user']."' AND pass = '".$_SESSION['pass']."' AND thegroup <= ".$group.' AND enabled = 1');

			if ($loginConnector->getNumRows($getUser) > 0){

				if ($goodRedirect != '') { 
					header("Location: ".$goodRedirect."?".strip_tags(session_id())) ;
				}			
				return true;
			}else{

				$this->logout();
				return false;
			}
			

		}else{	

			if (!$validate->validateTextOnly($user)){return false;}
			if (!$validate->validateTextOnly($pass)){return false;}


			$getUser = $loginConnector->query("SELECT * FROM cmsusers WHERE user = '$user' AND pass = PASSWORD('$pass') AND thegroup <= $group AND enabled = 1");
			$this->userdata = $loginConnector->fetchArray($getUser);

			if ($loginConnector->getNumRows($getUser) > 0){
				$this->sentry();
				$_SESSION["user"] = $user;
				$_SESSION["pass"] = $this->userdata['pass'];
				$_SESSION["thegroup"] = $this->userdata['thegroup'];
								
				if ($goodRedirect) { 
					header("Location: ".$goodRedirect."?".strip_tags(session_id())) ;
				}
				return true;

			}else{

				unset($this->userdata);
				if ($badRedirect) { 
					header("Location: ".$badRedirect) ;					
				}		
				return false;
			}
		}			
	}
}	
?>

login.php class

Code: Select all

<?php
require_once("../includes/Sentry.php");

$sentry = new Sentry();
if ($HTTP_POST_VARS['user'] != ''){
	$sentry->checkLogin($HTTP_POST_VARS['user'],$HTTP_POST_VARS['pass'],'welcome.php','login.php');
}

if ($HTTP_GET_VARS['action'] == 'logout'){
	if ($sentry->logout()){
		echo '<center>You have been logged out</center><br>';
	}
}
?>
<html>
<head>
<title>login page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

</head>

<body>
<table width="25%" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#000066">
  <tr>
    <td align="center" bgcolor="#000066"><font color="#FFFFFF" size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>Login</strong></font></td>
  </tr>
  <tr>
    <td bordercolor="#FFFFFF"><form name="form1" method="post" action="login.php">
        <p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><br>
&nbsp;User:
          <input type="text" name="user">
        </font></p>
        <p><font size="2" face="Verdana, Arial, Helvetica, sans-serif">&nbsp;Pass:
              <input type="password" name="pass">
        </font></p>
        <p align="center"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">
          <input type="submit" name="Submit2" value="Submit" >
        </font></p>
      </form>
       
    </td>
  </tr>
</table>
</body>
</html>
DbConnecot.php class

Code: Select all

<?php
////////////////////////////////////////////////////////////////////////////////////////
// Class: DbConnector
// Purpose: Connect to a database, MySQL version
///////////////////////////////////////////////////////////////////////////////////////
require_once 'SystemComponent.php';

class DbConnector extends SystemComponent {

var $theQuery;
var $link;

//*** Function: DbConnector, Purpose: Connect to the database ***
function DbConnector(){

	// Load settings from parent class
	$settings = SystemComponent::getSettings();

	// Get the main settings from the array we just loaded
	$host = $settings['dbhost'];
	$db = $settings['dbname'];
	$user = $settings['dbusername'];
	$pass = $settings['dbpassword'];
	$imgpath = $settings['imagepath'];

	// Connect to the database
	$this->link = mysql_connect($host, $user, $pass);
	mysql_select_db($db);
	register_shutdown_function(array(&$this, 'close'));

}

//*** Function: query, Purpose: Execute a database query ***
function query($query) {
	$this->theQuery = $query;
	return mysql_query($query, $this->link);
}

//*** Function: getQuery, Purpose: Returns the last database query, for debugging ***
function getQuery() {
	return $this->theQuery;
}

//*** Function: getNumRows, Purpose: Return row count, MySQL version ***
function getNumRows($result){
	return mysql_num_rows($result);
}

//*** Function: fetchArray, Purpose: Get array of query results ***
function fetchArray($result) {
	return mysql_fetch_array($result);
}

//*** Function: close, Purpose: Close the connection ***
function close() {
	mysql_close($this->link);
}


}
?>
SystemComponent.php class

Code: Select all

<?php
class SystemComponent {

var $settings;

function getSettings() {

// System variables
$settings['siteDir'] = 'G:\wamp\www\cms';

// Database variables
$settings['dbhost'] = 'localhost';
$settings['dbusername'] = 'root';
$settings['dbpassword'] = '';
$settings['dbname'] = 'mydb';
$settings['imagepath']="../images/";

return $settings;

}

}
?>
Validator.php class

Code: Select all

<?php
require_once 'SystemComponent.php';
class Validator extends SystemComponent {

	var $errors; // A variable to store a list of error messages

	// Validate something's been entered
	// NOTE: Only this method does nothing to prevent SQL injection
	// use with addslashes() command
	function validateGeneral($theinput,$description = ''){
		if (trim($theinput) != "") {
			return true;
		}else{
			$this->errors[] = $description;
			return false;
		}
	}
	
	// Validate text only
	function validateTextOnly($theinput,$description = ''){
		$result = ereg ("^[A-Za-z0-9\ ]+$", $theinput );
		if ($result){
			return true;
		}else{
			$this->errors[] = $description;
			return false; 
		}
	}

	// Validate text only, no spaces allowed
	function validateTextOnlyNoSpaces($theinput,$description = ''){
		$result = ereg ("^[A-Za-z0-9]+$", $theinput );
		if ($result){
			return true;
		}else{
			$this->errors[] = $description;
			return false; 
		}
	}
		
	// Validate email address
	function validateEmail($themail,$description = ''){
		$result = ereg ("^[^@ ]+@[^@ ]+\.[^@ \.]+$", $themail );
		if ($result){
			return true;
		}else{
			$this->errors[] = $description;
			return false; 
		}
			
	}
	
	// Validate numbers only
	function validateNumber($theinput,$description = ''){
		if (is_numeric($theinput)) {
			return true; // The value is numeric, return true
		}else{ 
			$this->errors[] = $description; // Value not numeric! Add error description to list of errors
			return false; // Return false
		}
	}
	
	// Validate date
	function validateDate($thedate,$description = ''){

		if (strtotime($thedate) === -1 || $thedate == '') {
			$this->errors[] = $description;
			return false;
		}else{
			return true;
		}
	}
	
	// Check whether any errors have been found (i.e. validation has returned false)
	// since the object was created
	function foundErrors() {
		if (count($this->errors) > 0){
			return true;
		}else{
			return false;
		}
	}

	// Return a string containing a list of errors found,
	// Seperated by a given deliminator
	function listErrors($delim = ' '){
		return implode($delim,$this->errors);
	}
	
	// Manually add something to the list of errors
	function addError($description){
		$this->errors[] = $description;
	}	
		
}
?>

JayBird | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Thu Oct 19, 2006 5:22 am
by RecoilUK
It may help if you actually post the error you are getting.