Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 4 of 6 FirstFirst ... 23456 LastLast
Results 46 to 60 of 82
  1. #46
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    Nevermind, figured it out.

    I might have another question real soon though because I'm having issues logging in. I think it might be something to do with matching the hashed passwords when comparing the input and the database values.

    I'm going to look through the code now.

    Regards,

    LC.

  2. #47
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,421
    Thanks
    62
    Thanked 535 Times in 522 Posts
    Quote Originally Posted by LearningCoder View Post
    Ah I did remember sessions and knew they held values between pages but didn't want to use them.
    Why? What did you hope to achieve declaring global variables? - They would never have done what you wanted, only sessions could do that.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  3. #48
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    I wanted to achieve what sessions can do but with global variables...I got mixed up with the use of the static keyword not so long ago as well. I must remember they are to do with functions and not to hold data/use data between pages...

    Thank you for all your help...I would attempt to start sorting out my login.php but it's too late to be doing that now. I'll end up coding even worse than I do already...

    The issue was weird though because I remember trying to login locally, and it worked. So I uploaded it to the domain and tried the exact same thing and it didn't work...

    Kind regards,

    LC.

  4. #49
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,421
    Thanks
    62
    Thanked 535 Times in 522 Posts
    Ah.. one of the perils of moving from localhost to the domain.. I know them well!
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  5. #50
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    Heh, sounds like you're the man to help me then!

    I'm gonna chill out for tonight now and crack on in the morning with it.

    Enjoy your evening

    Regards,

    LC.

  6. #51
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,421
    Thanks
    62
    Thanked 535 Times in 522 Posts
    lol it's 00:10 here mate.. oh.. hang on you're over in Essex so same for you lol.

    Ok, morning for you, you crack on with it.. don't expect anything out of me until at least 11:30
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  7. #52
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    lol you're in the UK too? I had it in my head you was abroad somewhere and to be quite frank I haven't got a clue why...



    Regards,

    LC.

  8. #53
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    When using global variables, if I have a script and it 'requires' another file, when I go into that file and set a global variable and that script ends and returns to the first script, does my global variable still exist until the end of execution, or does it die when it leaves the script which created it?

    P.s - so annoyed, I tried hoovering my keys and ended up pulling off my right bracket and ENTER keys ...proving hard to fix.

    Regards,

    LC.

  9. #54
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,421
    Thanks
    62
    Thanked 535 Times in 522 Posts
    Global vars are valid in the function that they are declared in. If the variable is in the top level of the script and you declare it a global in the function then it will still exist in the top level when you come back out of the function - see my previous example of globals.

    As for the keyboard, if you have an ASDA near you they used to sell wired keyboards for £4. Not sure if they still do anymore, mine doesn't but still does the mice but their basic KB is now £7 iirc. Every store seems to vary though. I wouldn't bother with Tesco.. and I don't think Morrisons sell tech bits at all. I don't think Sainsburys sell anything useful unless its one of their larger stores.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  10. #55
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    I've only just been able to get on. I'll give global variables a read. I am not using globals with any functions, just setting a variable in a script to be global and it seems to be working.

    I go into my do_reg action script. Then, I go into a reg_select.php script to check whether the username or email address is already registered at the site. Depending on what affected_rows returns I set a global variable and set it to TRUE if it matched a row and FALSE if not. I then leave that script and do an if statement in the calling script: if (global declared was set to true) display error, else (if no match was found, login) and it works. I'll re-run through the topic.

    As for the keyboard, I've managed to fix it! Weren't as tricky as I first thought.

    Regards,

    Lc.
    Last edited by LearningCoder; 10-07-2012 at 08:54 PM.

  11. #56
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    Well, I decided to forget setting globals and to set the session/ print error inside the prepared statement file.

    I have been thoroughly through both my registration files and login files. I sat down and wrote the logic of both files and what happens and when. I really cannot see what could be the issue. The logic is pretty much the same and I do the same thing regarding the password and selecting the hash string from db etc.

    REGISTRATION
    Here is my registration action file, do_reg.php:
    PHP Code:
    <?php

    $db
    ;

    //FUNCTION WHICH GENERATES A RANDOM STRING. USED IN THE HASHING OF PASSWORDS. RETURNS A RANDOM STRING.
    function generate_salt(){
       
    $chars "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
       
    $length strlen($chars);
       
    $salt_size 10;
       global 
    $str;
       
    $str "";
       
       for(
    $i=0;$i<$salt_size;$i++){
           
    $str .= $chars[rand(0,$length-1)];
       }
       return 
    $str;
    }


    function 
    prepare_data($data){
       
    $data htmlentities($dataENT_QUOTES);
       return 
    $data;
    }

    if (isset(
    $_POST['username'], $_POST['password'], $_POST['email'])) {

       
    $errors = array();
       
       
    $_POST['username'] = trim($_POST['username']);
       
    $_POST['password'] = trim($_POST['password']);
       
    $_POST['email'] = trim($_POST['email']);

       if (empty(
    $_POST['username'])) {
          
    $errors[] = "Username field cannot be empty.";
       }
       if (empty(
    $_POST['password'])) {
          
    $errors[] = "Password field cannot be empty.";
       }
       if (empty(
    $_POST['email'])) {
          
    $errors[] = "Email field cannot be empty.";
       }
          if(empty(
    $errors)){
                
                if(!
    ctype_alnum($_POST['username'])){
                   
    $errors[] = "Your username can only contain alphanumeric characters.";
                }
                
                if(!
    filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){
                   
    $errors[] = "You did not enter a valid email address.";
                }
                 
                if(
    strlen($_POST['password']) < || strlen($_POST['password']) > 18){
                   
    $errors[] = "Your password must be between 6 and 18 characters long.";
                }
                   if(empty(
    $errors)){
                      
                      require(
    "reg_select.php");
                      
                      if(
    $result === TRUE){
                         echo 
    "Sorry, the username and/or email address is already in use.<br />";
                         echo 
    "<a href='register.php'>Please try again</a>";
                         exit(
    0);                     
                      }
                      else{
                         
    $db TRUE;
                      }
                   }
                   else{
                      
    $error_string implode("<br />",$errors);
                      print(
    $error_string);
                      print(
    "<br />");
                      print(
    "<a href='register.php'>Click here to go back to the registration page</a>");
                      exit(
    0);
                   }
          }
          else{
             
    $error_string implode("<br />",$errors);
             print(
    $error_string);
             print(
    "<br />");
             print(
    "<a href='register.php'>Click here to go back to the registration page</a>");
             exit(
    0);
          }
    }

    if(
    $db != NULL){
       
       
    $_POST['username'] = prepare_data($_POST['username']);
       
    $_POST['password'] = prepare_data($_POST['password']);
       
    $_POST['email'] = prepare_data($_POST['email']);
       
       
    //generate hashed password.
       
    $hash generate_salt();
       
       
    $_POST['password'] = sha1($hash.$_POST['password'].$hash);//users password
       
       
    require("reg_insert.php");
       
       
    }
    $con->close();
    ?>
    As you can see, my reg_select.php is used just to see if any users/email are already registered........don't need to see that one.....

    Here is my reg_insert.php - which as you can guess, registers the user:
    PHP Code:
    <?php

    $conn 
    = new mysqli("localhost","root","","demo_central");

    $stmt $conn->prepare("INSERT INTO members (username,password,email,join_date,hash) VALUES (?,?,?,?,?)");

    $user mysqli_real_escape_string($conn,$_POST['username']);
    $pass mysqli_real_escape_string($conn,$_POST['password']);
    $email mysqli_real_escape_string($conn,$_POST['email']);
    $time time();
    $hash;

    $stmt->bind_param("sssis",$user,$pass,$email,$time,$hash);

    $stmt->execute();

    $n_rows $stmt->num_rows;

    if(
    $n_rows >= 1){
        
    $in_result TRUE;    
    }
    else{
        
    $in_result FALSE;
    }

    if(
    $in_result === TRUE){
          
          
    //write email after data is successully inserted.
          
    $to $_POST['email'];
          
    $subject "Thank you for registering at Demo-Central!";
          
    $message "Welcome ".$_POST['username']."<br />\n<br />\n";
          
    $message .= "Thank you for registering at Demo-Central.<br />\n";
          
    $message .= "You can now enjoy the ability to upload your own demos to show off and also <br />\n";
          
    $message .= "editing your own profile to make yourself unique. Below you will find your login details:<br />\n<br />\n";
          
    $message .= "Your username is:".$_POST['username']."<br />\n";
          
    $message .= "Your password is:".$_POST['password']."<br />\n<br />\n";
          
    $message .= "Please save this email to ensure you can retrieve your username or password should you forget it.<br />\n<br />\n";
          
    $message .= "We look forward to watching you.<br />\n<br />\n";
          
    $message .= "Kind regards,<br />\n<br />\n";
          
    $message .= "Demo-Central Administrator.";
          
          
    $headers = array();
          
    $headers[] = "MIME-Version: 1.0";
          
    $headers[] = "Content-type: text/html; charset=iso-8859-1";
          
    $headers[] = "From: Demo-Central Admin <admin@demo-central.com>";
          
    $headers[] = "Bcc: JJ Chong <bcc@domain2.com>";
          
    $headers[] = "Reply-To: Recipient Name <receiver@domain3.com>";
          
    $headers[] = "Subject: {$message}";
          
    $headers[] = "X-Mailer: PHP/".phpversion();
          
          if(
    mail($to,$subject,$messageimplode("\r\n",$headers))){
             echo 
    "You have successfully registered! You will be contacted shortly with your login details.<br />";
             echo 
    "Please follow the <a href='login.php'>link</a> to the login page.";
             exit(
    0);
          }
          else{
             echo 
    "You have successfully registered but there was an error sending your email.<br />";
             echo 
    "You are still able to login. Please contact the site administrator at flipmodeskwaud@hotmail.co.uk to report the problem.<br />";
             echo 
    "Follow the link to the <a href='login.php'>login</a> page.";
             exit(
    0);
          }
       }
       else{
          echo 
    "There was an internal error with your registration.<br />";
          echo 
    "Please contact the administrator at flipmodeskwaud@hotmail.co.uk and include the error shown. Thank you.<br />";
          echo 
    "Click <a href='index.php'>here</a> to go to the homepage.";
          exit(
    0);
       } 

    $stmt->close();

    $conn->close();

    ?>
    LOGIN
    do_login.php:
    PHP Code:
    <?php

    //FUNCTION WHICH PREPARES THE USER INPUT FOR DATABASE INSERTION. RETURNS 'CLEANED' DATA.
    function prepare_data($data){
       
    $data htmlentities($dataENT_QUOTES);
       return 
    $data;
    }

    $db;

    if(isset(
    $_POST['username'], $_POST['password'])){
       
       
    $errors = array();

       
    $_POST['username'] = trim($_POST['username']);
       
    $_POST['password'] = trim($_POST['password']);

       if(empty(
    $_POST['username'])){
          
    $errors[] = "Username field cannot be empty.";
       }
       
       if(empty(
    $_POST['password'])){
          
    $errors[] = "Password field cannot be empty.";
       }
       
       if(empty(
    $errors)){
          
          
    $db TRUE;
          
       }
       else{
          
    $error_string implode("<br />",$errors);
          print(
    $error_string);
          print(
    "<br />s");
          print(
    "<a href='login.php'>Please try again</a>");
          exit(
    0);
       }
       
    }

    if(
    $db != NULL){

       
    $_POST['username'] = prepare_data($_POST['username']);
       
    $_POST['password'] = prepare_data($_POST['password']);
       
       
    $con = new mysqli("localhost","root","","demo_central");
       
    $stmt $con->prepare("SELECT hash FROM members WHERE username=?");
       
    $stmt->bind_param("s",$_POST['username']);
       
    $stmt->bind_result($hash);
       
    $stmt->execute();
       
    $stmt->store_result();
       
    $a_rows $stmt->affected_rows;
       
    $n_rows $stmt->num_rows;
       
    $stmt->fetch();
       
    $_POST['password'] = sha1($hash.$_POST['password'].$hash);
       
       if(
    $a_rows == AND $n_rows == 1){
          require(
    "login_select.php");
          
       }   
       else{
          echo 
    "That username does not exist.<br />";
          
    $qry NULL;
       }
       
       if(
    $qry == NULL){
          echo 
    "<a href='login.php'>Please try again.</a>";
          exit(
    0);
       }
    }


    ?>
    login_select.php - which selects a match for user and pass.
    PHP Code:
    <?php
    session_start
    ();

    $conn = new mysqli("localhost","root","","demo_central");

    $stmt $conn->prepare("SELECT * FROM members WHERE username=? AND password=?");

    $username mysqli_real_escape_string($conn,$_POST['username']);
    $password mysqli_real_escape_string($conn,$_POST['password']);

    $stmt->bind_param("ss",$username,$password);

    $stmt->bind_result($id,$user,$pass,$email,$join_date,$hash,$reset);

    $stmt->execute();

    $stmt->store_result();
    $rows $stmt->affected_rows;

    $stmt->fetch();

    if(
    $rows == 1){
       
    $_SESSION['username'] = $username;
       
    $_SESSION['password'] = $password;
       
    header("refresh: 5, url=membersarea.php");
       echo 
    "You have successfully logged in.<br />";
       echo 
    "You will be redirected shortly...";
       exit(
    0);
    }
    else{
       echo 
    "You entered an invalid username and/or password.<br />";
       echo 
    "<a href='login.php'>Please try again</a>";
       exit(
    0);
    }

    $stmt->close();

    $conn->close();

    ?>
    As far as I can see, it should work. As I said, it works locally, but when I put it online, it doesn't seem to work the same.

    Not sure what this issue could be.

    I am wondering if anyone can spot the mistake?

    Kind regards,

    LC.
    Last edited by LearningCoder; 10-08-2012 at 10:30 AM.

  12. #57
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,421
    Thanks
    62
    Thanked 535 Times in 522 Posts
    When you say it doesn't work 'the same' what do you mean?

    I think you're going to need to debug this to see what is happening in each script. It's easy to get omething workong on a localhost wamp system but coding it to work on a variety of systems really does take skill!

    I can debug this for you via teamviewer / vnc however as this would take a while I'd have to be paid for it. My advice here on CF is always free as its just advice and theoretical stuff but actually spending what could be several hours on someones code is time consumning hence payment. I appreciate you'd probably like to avoid this option but the offer is there as a last resort.

    In the meantime, if you can provide us with more information as to what is going on, I'll still try to help here.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  13. #58
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    What I mean is I can register and login fine when it's on localhost. When I upload it, it still lets me register and everything goes into the database fine, but when trying to login it executes this part of code:

    PHP Code:
    else{ 
       echo 
    "You entered an invalid username and/or password.<br />"
       echo 
    "<a href='login.php'>Please try again</a>"
       exit(
    0); 

    If you look in my login_select.php this is my else statement to the if which checks the number of 'affected_rows'. I'm not sure why there are no affected_rows, I have also tried num_rows and it still doesn't work. The passwords both get concatenated with the random string and sent to the sha1() function before being used in any query... and the username matches fine because in my do_login script, I check if the user input matches a username.

    I also took a note of the mysql and php versions which my domain is using:

    PHP version: 5.3.14

    MySQL version: 5.5.10

    I also noticed it has magic quotes and magic quotes gpc turned on. They sound familiar i'll have a read into them. Not sure if they could be a possible issue?

    Kind regards,

    LC.
    Last edited by LearningCoder; 10-08-2012 at 07:30 PM.

  14. #59
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,421
    Thanks
    62
    Thanked 535 Times in 522 Posts
    As it's a select statement you should be using num_rows() not affected_rows() which is for insert, update, delete etc.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  15. #60
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    I changed inserts to affected and selects to num rows. Still doesn't seem to work.

    Is there any advice you can give me on what to be looking for maybe?

    Regards,

    LC.


 
Page 4 of 6 FirstFirst ... 23456 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •