Page 1 of 1

php dynamic redirect dreamweaver

Posted: Tue Jul 24, 2007 7:50 pm
by cupaball
Hi All

I am trying to create client where the user logs in and is taken to their page based on their user name and password and corresponding link in the mysql. I am using dreamweaver 8's log in script and when it says if success, I am using dynamic data. So the redirect variable looks like this

Code: Select all

$MM_redirectLoginSuccess = "<?php echo $row_showpic['pic']; ?>";
The form does not show when this code is there however it does show if I just put a page (i.e. client.php)

Any help on this?

Posted: Tue Jul 24, 2007 7:54 pm
by cupaball
By the way here is the entire script Dreamweaver produced

Code: Select all

<?php require_once('Connections/connUser.php'); ?>
<?php
mysql_select_db($database_connUser, $connUser);
$query_rec_login = "SELECT * FROM users";
$rec_login = mysql_query($query_rec_login, $connUser) or die(mysql_error());
$row_rec_login = mysql_fetch_assoc($rec_login);
$totalRows_rec_login = mysql_num_rows($rec_login);

mysql_select_db($database_connUser, $connUser);
$query_showpic = "SELECT pic FROM users";
$showpic = mysql_query($query_showpic, $connUser) or die(mysql_error());
$row_showpic = mysql_fetch_assoc($showpic);
$totalRows_showpic = mysql_num_rows($showpic);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "<?php echo $row_showpic['pic']; ?>";
  $MM_redirectLoginFailed = "Test.php";
  $MM_redirecttoReferrer = true;
  mysql_select_db($database_connUser, $connUser);
  
  $LoginRS__query=sprintf("SELECT f_name, password FROM users WHERE f_name='%s' AND password='%s'",
    get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); 
   
  $LoginRS = mysql_query($LoginRS__query, $connUser) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && true) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
<style type="text/css">
<!--
body,td,th {
	color: #333333;
}
.style1 {color: #000000}
-->
</style></head>

<body>
Test
<form id="form1" name="form1" method="POST" action="<?php echo $loginFormAction; ?>">
  <label><span class="style1"><br />
  <br />
  username</span>
  <input name="username" type="text" id="username" />
  </label>
  <p>
    <label>password
    <input name="password" type="text" id="password" />
    </label>
  </p>
  <p>
    <label>
    <input type="submit" name="Submit" value="Submit" />
    </label>
  </p>
</form>
</body>
</html>
<?php
mysql_free_result($rec_login);

mysql_free_result($showpic);
?>

dont use all that stuff

Posted: Tue Jul 24, 2007 8:22 pm
by yacahuma
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Thank you for posintg dreamweaver code.  I WILL NEVER USE THAT.

Please use the excellent php adodb for all database stuff. 

This is close to what you need to do

Code: Select all

<?php
/*  UserMgr.php */
class User
{
  var $username;
  var $password;
  var $link;
  //put any other db values here
}
//the manager takes care of all database stuff
class UserMgr
{
  var $cn;

  function checkuser($username,$password)
 {
   $username = addslashes($useraname);
   $password = addslahes($password);
    $sql = "select * from users where username='{$username}' and password='{$password}' limit 1";
    $row = $this->cn->GetRowAssoc($sql);
    if (count($row)>0)
    {
        $u = new User();
        $u->link = $row['link'];
        $u->username = $row['username'];
        return $u;
    }else
    return false;
 }
}
?>


//login.php
<?php
  if (isset($_POST['Submit'])
  {
     //create db connection here
     $mgr = new UserMgr();
     $mgr->cn = CONNECTION SEE PHP ADODB ON HOW TO CREATE A CONNECTION
     if ($u=$mgr->checkuser($_POST['username'],$_POST['password'])
    {
          $url = $u->link
          //header('Location: http://www.example.com/');  example
          header("Location: {$url}");
          exit;
     }
  }
?>
<form id="form1" name="form1" method="post" action="login.php">
  <label><span class="style1"><br />
  <br />
  username</span>
  <input name="username" type="text" id="username" />
  </label>
  <p>
    <label>password
    <input name="password" type="text" id="password" />
    </label>
  </p>
  <p>
    <label>
    <input type="submit" name="Submit" value="Submit" />
    </label>
  </p>
</form>

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Wed Jul 25, 2007 3:19 am
by miro_igov
WTH is that $MM_redirectLoginSuccess = "<?php echo $row_showpic['pic']; ?>"; ?

Are you trying to send this header:

Code: Select all

header("Location: " . $MM_redirectLoginSuccess );


@yacahuma - i think the php built-in functions are enough for database tasks, any wrapping is useless.

I dont agree

Posted: Wed Jul 25, 2007 4:45 am
by yacahuma
I am sorry but I dont agree. Having all the database calls is one place creates a black box. If something new needs to be done you dont have to do it in many different places. Sure in this case is just for login but I think is a very nice practice to separate all the html code from database code. In a complicated page you will regret not having the separation.

Posted: Wed Jul 25, 2007 6:50 am
by miro_igov
I can't see how wrapping the database functions will separate the html from php and also can't see how non-wrapping will mix the php with html.

Posted: Wed Jul 25, 2007 8:20 am
by superdezign
miro_igov wrote:I can't see how wrapping the database functions will separate the html from php and also can't see how non-wrapping will mix the php with html.
... Are you serious? Separate form from function, and your websites will be a hell of a lot more manageable.

Posted: Wed Jul 25, 2007 8:37 am
by miro_igov
Superdezign, but does the database functions wrapper separate it as yacahuma says?

Posted: Wed Jul 25, 2007 8:49 am
by superdezign
miro_igov wrote:Superdezign, but does the database functions wrapper separate it as yacahuma says?
Hmm... No. User validation should occur in the User object which is the only object that should have full permissions to $username and $password.

Code: Select all

if(!empty($_POST) && isset($_POST['username'], $_POST['password']))
{
    $user = new User($_POST['username'], $_POST['password']);
    if($user->isValid())
    {
        $_SESSION['user'] = $user;
    }
}

if(isset($_SESSION['user']) && $_SESSION['user'] instanceof User && $_SESSION['user']->isValid())
{
    echo 'You are logged in.';
}
else
{
    // Login form
}

Re: dont use all that stuff

Posted: Wed Jul 25, 2007 9:20 pm
by cupaball
yacahuma wrote:feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Thank you for posintg dreamweaver code.  I WILL NEVER USE THAT.

Please use the excellent php adodb for all database stuff. 

This is close to what you need to do

Code: Select all

<?php
/*  UserMgr.php */
class User
{
  var $username;
  var $password;
  var $link;
  //put any other db values here
}
//the manager takes care of all database stuff
class UserMgr
{
  var $cn;

  function checkuser($username,$password)
 {
   $username = addslashes($useraname);
   $password = addslahes($password);
    $sql = "select * from users where username='{$username}' and password='{$password}' limit 1";
    $row = $this->cn->GetRowAssoc($sql);
    if (count($row)>0)
    {
        $u = new User();
        $u->link = $row['link'];
        $u->username = $row['username'];
        return $u;
    }else
    return false;
 }
}
?>


//login.php
<?php
  if (isset($_POST['Submit'])
  {
     //create db connection here
     $mgr = new UserMgr();
     $mgr->cn = CONNECTION SEE PHP ADODB ON HOW TO CREATE A CONNECTION
     if ($u=$mgr->checkuser($_POST['username'],$_POST['password'])
    {
          $url = $u->link
          //header('Location: http://www.example.com/');  example
          header("Location: {$url}");
          exit;
     }
  }
?>
<form id="form1" name="form1" method="post" action="login.php">
  <label><span class="style1"><br />
  <br />
  username</span>
  <input name="username" type="text" id="username" />
  </label>
  <p>
    <label>password
    <input name="password" type="text" id="password" />
    </label>
  </p>
  <p>
    <label>
    <input type="submit" name="Submit" value="Submit" />
    </label>
  </p>
</form>

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color][/quote]

Thanks! But what is php adodb? I went the site, not sure how or what to use?

Re: dont use all that stuff

Posted: Wed Jul 25, 2007 9:47 pm
by superdezign
cupaball wrote:Thanks! But what is php adodb? I went the site, not sure how or what to use?
I've never used it, but I assume that it is just a database class. It will handle database operations such as connections and queries.

object managers

Posted: Thu Jul 26, 2007 8:31 am
by yacahuma
php adodb allows you to use different databases without changing code
download link
http://sourceforge.net/project/showfile ... p_id=42718

Code: Select all

$conn = &ADONewConnection('oracle');
$conn = &ADONewConnection('mysql');
php adodb is simple and dont depend on any pear stuff

Also

About the idea of using object managers.

I think it a matter of style. WHy do I prefer the object route??

Data Object should not have to know anything about their external environment, they should only hold data and functions on that data.

Having manager objects that understand the relationship between data objects and create a barrier between data object and external entities like a database make a lot of sense.

In order to fix this little problem programmers created the ideas of friends functions. I just dont agree with that idea. Friends functions will basically do what the manager is supposed to do.

At the end the decision is up to the programmer. For my experience the idea of separating all external relationships and the data object interactions in an object manager work perfect , at least for me.

Good luck, I think that all I have to say in this thread.

Re: object managers

Posted: Thu Jul 26, 2007 8:42 am
by miro_igov
yacahuma wrote:php adodb allows you to use different databases without changing code
Are you 100% sure? How about the DB queries? They have different syntax in the different DB engines.

Re: object managers

Posted: Thu Jul 26, 2007 9:34 am
by superdezign
miro_igov wrote:
yacahuma wrote:php adodb allows you to use different databases without changing code
Are you 100% sure? How about the DB queries? They have different syntax in the different DB engines.
It's likely not all the same class, however. I'll bet the original object is made from a factory.