Yeah post what you've got please :p
dan4domination 0 Light Poster
harry_watson 0 Light Poster
K just been looking at me own login script and realised it's been made in a different way and no use at this time, good luck, happy code, happy day. This may be of use though.. Login.php
<?php
include("dbconnect.php");
// Same checking stuff all over again.
if(isset($_POST['submit'])) {
if(empty($_POST['admin_username']) || empty($_POST['admin_password'])) {
echo "Opps! You have to fill in all forms";
$head_info='<meta http-equiv="refresh" content="2;url=login.php">';
exit;
} // Create the variables again.
$username = $_POST['admin_username']; $password = $_POST['admin_password'];
// Encrypt the password again with the md5 hash.
// This way the password is now the same as the password inside the database.
$password = md5($password);
// Store the SQL query inside a variable.
// ONLY the username you have filled in is retrieved from the database.
$query = "SELECT admin_username, admin_password
FROM admin_login
WHERE admin_username='$username'";
$result = mysql_query($query);
if(!$result) {
// Gives an error if the username given does not exist.
// or if something else is wrong.
echo "Failed " . mysql_error();
} else {
// Now create an object from the data you've retrieved.
$row = mysql_fetch_object($result);
// You've now created an object containing the data.
// You can call data by using -> after $row.
// For example now the password is checked if they're equal.
include("session.php");
echo "login sucessful. Please wait. Redirecting you to our administration page now";
$head_info='<meta http-equiv="refresh" content="2;url=admin.php">';
if($row->password != $password) {
echo "Wrong password.";
$head_info='<meta http-equiv="refresh" content="2;url=login.php">';
exit;
}
}
}
?>
<html>
Session.php
<?php
session_start();
$_SESSION['your_name']=$admin_username;
?>
Edited by harry_watson because: May be of use
OS_dev 0 Junior Poster
here it is
script status array Array ( [0] => db connection fine [1] => is not admin start [2] => SELECT * FROM users WHERE username = 'admin' AND password = 'admin' AND isadmin = '0' [3] => query returned 1 rows ) session data Array ( [logged] => 1 [admin] => ) post data Array ( [username] => admin [password] => admin )
So what this is telling me is that your script is taking the non-admin flow. You say that it should be taking the admin flow but your post data does not contain "isadmin". According to your script you need the existence of $_POST in order to go the admin flow but is admin is not in the following post array:
post data
Array
(
[username] => admin
[password] => admin
)
In order to create this you will need some type of form field, even if it is hidden. I don't know why you would do this as I would just determine if the user is an admin by the admin field in the database. I would use that to control which flow my script takes.
If that is what you want to do then you should change your script a little bit, I would do something like this.
<?php
session_start();
//connect to db
$conn = mysql_connect("localhost", "", "") or die(mysql_error());
mysql_select_db("") or die(mysql_error());
//declares variable
$username=trim($_POST["username"]);
$password=trim($_POST["password"]);
$q = mysql_query ("SELECT isadmin FROM users WHERE username = '$username' AND password = '$password'");
$row = mysql_fetch_assoc($q);
$redirectLoc = "";
if(isset($row['isadmin']) && is_numeric($row['isadmin']))
{
$_SESSION['admin'] = $row['isadmin'] == "1"?true:false;
$_SESSION['user'] = $username;
$_SESSION['logged'] = 1;
$redirectLoc = $_SESSION['admin']?"main.php":"index.php";
header("Location: " . $redirectLoc); // redirect to correct page
exit();
}
// if user is not an admin || user
header ("Location: login.php?e=Error"); // error page && try again
exit();
?>
Edited by OS_dev because: n/a
dan4domination 0 Light Poster
Wow it finally works.
Although if I leave both fields blank it brings back the following error:
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
Are there simpler ways to redirect them instead of using $redirectloc?
OS_dev 0 Junior Poster
Wow it finally works.
Although if I leave both fields blank it brings back the following error:
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
Are there simpler ways to redirect them instead of using $redirectloc?
Sorry, gotta go to bed, I will be back with you tomorrow night if you are still struggling.
dan4domination 0 Light Poster
Okay I'll have a mess around today and hopefully catch you tomorrow night
harry_watson 0 Light Poster
O so good! Nice talking. could always use....
$redirectLoc='<meta http-equiv="refresh" content="2;url=index.php">
Edited by harry_watson because: off to sleep
OS_dev 0 Junior Poster
Wow it finally works.
Although if I leave both fields blank it brings back the following error:
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
Are there simpler ways to redirect them instead of using $redirectloc?
Ah, you know why. Because that second redirect needs to go back to account.php right. Because that is where the user is trying to login from, not login.php. Login.php is just the form handler for account.php. What this is doing to redirecting back to itself in an endless loop. So here is the updated login.php script:
<?php
session_start();
//connect to db
$conn = mysql_connect("localhost", "", "") or die(mysql_error());
mysql_select_db("") or die(mysql_error());
//declares variable
$username=trim($_POST["username"]);
$password=trim($_POST["password"]);
$q = mysql_query ("SELECT isadmin FROM users WHERE username = '$username' AND password = '$password'");
$row = mysql_fetch_assoc($q);
$redirectLoc = "";
if(isset($row['isadmin']) && is_numeric($row['isadmin']))
{
$_SESSION['admin'] = $row['isadmin'] == "1"?true:false;
$_SESSION['user'] = $username;
$_SESSION['logged'] = 1;
$redirectLoc = $_SESSION['admin']?"main.php":"index.php";
header("Location: " . $redirectLoc); // redirect to correct page
exit();
}
// if user is not an admin || user
header ("Location: account.php?e=Error"); // error page && try again
exit();
?>
Edited by OS_dev because: n/a
dan4domination 0 Light Poster
Sweet.
Thanks for your help.
One last question at the moment the first 5-6 pages are html in order to keep a user logged in how would I go about it? Would I have to change the 5-6 pages to Php and add session_start(); to each of my php pages?
As the admin logs in to index.php and gets different rights than a user would however if they try to view a different page currently all their rights disappear and become logged out.
thanks again
dan4domination 0 Light Poster
Really am stuck on this need some help
thanks
OS_dev 0 Junior Poster
Would I have to change the 5-6 pages to Php and add session_start(); to each of my php pages?
exactly.
dan4domination 0 Light Poster
Ok i've done that...however face a small barrier....
On each of the php pages in my site I cant seem to find a way to make it so a user would get rights such as "My bookings Search and logout" and an admin would get "Add Event Search and logout" as well as all the normal linked pages.
any ideas?
OS_dev 0 Junior Poster
Ok i've done that...however face a small barrier....
On each of the php pages in my site I cant seem to find a way to make it so a user would get rights such as "My bookings Search and logout" and an admin would get "Add Event Search and logout" as well as all the normal linked pages.
any ideas?
Post the script in question.
dan4domination 0 Light Poster
well so far i've put this at the top of my php pages
<?php
// like i said, we must never forget to start the session
session_start();
// is the one accessing this page logged in or not?
if (!isset($_SESSION['basic_is_logged_in'])
|| $_SESSION['basic_is_logged_in'] !== true) {
// not logged in, move to login page
header('Location: account.html');
exit;
}
?>
and I added the SESSION['basic_is_logged_in' to the login script as I couldnt figure out how to make it work as the login script currently is:
<?php
session_start();
//connect to db
$conn = mysql_connect("localhost", "", "") or die(mysql_error());
mysql_select_db("") or die(mysql_error());
//declares variable
$username=trim($_POST["username"]);
$password=trim($_POST["password"]);
//Main query finds all of the fields from the users table and picks username and password
$q = mysql_query ("SELECT * FROM users WHERE username = '$username' AND password = '$password'");
$row = mysql_fetch_assoc($q);
$redirectLoc = "";
if(isset($row['isadmin']) && is_numeric($row['isadmin']))
{
$_SESSION['basic_is_logged_in'] = true;
$_SESSION['admin'] = $row['isadmin'] == "1"?true:false;
$_SESSION['user'] = $username;
$_SESSION['logged'] = 1;
$redirectLoc = $_SESSION['admin']?"main.php":"index.php";
header("Location: " . $redirectLoc); // redirect to correct page
exit();
}
// if user is not an admin || user
header ("Location: account.html"); // error page && try again
exit();
?>
Edited by dan4domination because: n/a
OS_dev 0 Junior Poster
well so far i've put this at the top of my php pages
<?php // like i said, we must never forget to start the session session_start(); // is the one accessing this page logged in or not? if (!isset($_SESSION['basic_is_logged_in']) || $_SESSION['basic_is_logged_in'] !== true) { // not logged in, move to login page header('Location: account.html'); exit; } ?>
and I added the SESSION['basic_is_logged_in' to the login script as I couldnt figure out how to make it work as the login script currently is:
<?php session_start(); //connect to db $conn = mysql_connect("localhost", "", "") or die(mysql_error()); mysql_select_db("") or die(mysql_error()); //declares variable $username=trim($_POST["username"]); $password=trim($_POST["password"]); //Main query finds all of the fields from the users table and picks username and password $q = mysql_query ("SELECT * FROM users WHERE username = '$username' AND password = '$password'"); $row = mysql_fetch_assoc($q); $redirectLoc = ""; if(isset($row['isadmin']) && is_numeric($row['isadmin'])) { $_SESSION['basic_is_logged_in'] = true; $_SESSION['admin'] = $row['isadmin'] == "1"?true:false; $_SESSION['user'] = $username; $_SESSION['logged'] = 1; $redirectLoc = $_SESSION['admin']?"main.php":"index.php"; header("Location: " . $redirectLoc); // redirect to correct page exit(); } // if user is not an admin || user header ("Location: account.html"); // error page && try again exit(); ?>
OK, the best way to do this is to create another php file called functions.php which you are going to stick inside of a directory called "includes" where you are going to put all of your other include files. Inside this functions.php file you will have different functions that you have made that you will be using throughout your site. The purpose is to preserve code that you have already written so that you don't have to keep writing it over and over again. Lets start with an authenticate function. This is going to be the contents of the file. BTW: you don't need a session_start() on this file because you will already have it, take my word for it. So here it is:
functions.php:
<?php
//"basic" is the default for $type if you don't pass anything to the function
//this will enable you to pass in "admin" only when you want to authenticate an admin
//I would also eliminate the basic_is_logged_in because you don't need it
function authenticate($type="basic")
{
if($type == "admin")
{
return isset($_SESSION['admin']) && $_SESSION['admin'] == true?true:false;
}
else if($type == "basic")
{
return isset($_SESSION['logged']) && $_SESSION['logged'] == true?true:false;
}
return false;
}
?>
then on this page you do this
<?php
// like i said, we must never forget to start the session
session_start();
include("includes/functions.php");
// is the one accessing this page logged in or not?
//then you just perform basic authentication like so
if(!authenticate())//for admins, use if(!authenticate("admin"))
{
header("Location login.php");
exit();
}
//Lets say you have a link that you only want an admin to see
if(authenticate("admin"))
{
?><a href="controlPanel.php">Control Panel</a>
<?php
}
?>
Edited by OS_dev because: n/a
dan4domination 0 Light Poster
Right I've given it a try I cant get it to work
I presume i add the following code to my page in this case music.php
<?php
// like i said, we must never forget to start the session
session_start();
include("includes/functions.php");
// is the one accessing this page logged in or not?
//then you just perform basic authentication like so
if(!authenticate())//for admins, use if(!authenticate("admin"))
{
header("Location login.php");
exit();
}
//Lets say you have a link that you only want an admin to see
if(authenticate("admin"))
{
?><a href="controlPanel.php">Control Panel</a>
<?php
}
Its allowing an admin to log in however a user cannot.
Edited by dan4domination because: n/a
dan4domination 0 Light Poster
Ignore that I've managed to get it to work. thanks
However I cant seem to style the link, If I attempt to make it a div and then position it using my external css it just becomes almost like an image I can see it but for some reason cannot click it
<a href="controlPanel.php">Control Panel</a>
OS_dev 0 Junior Poster
Ignore that I've managed to get it to work. thanks
However I cant seem to style the link, If I attempt to make it a div and then position it using my external css it just becomes almost like an image I can see it but for some reason cannot click it
<a href="controlPanel.php">Control Panel</a>
here is a good page to copy and paste from and then fill in the blanks, if it still doesn't work, post your css.
dan4domination 0 Light Poster
Spent most of my evening playing around with various ways of styling the hyperlinks.
Tried using divs, then tried using unordered lists but still fails to allow me to click the actual link and just remains almost like an image
CSS code
body {
margin:0px; padding:0px;
background-color:#ffffff;
font-family:Arial, Helvetica, sans-serif;
}
#outside_container {
background:url(images/background_slice.jpg) repeat-x #000000;
}
#container{
background:url(images/bg.jpg) no-repeat;
width: 1000px;
height: 800px;
margin-left:auto ;
margin-right:auto ;
position: relative;
}
ul#menu {
margin:0px; padding:0px;
position:absolute; top:120px; left:270px;
}
ul#menu li {
margin:0px; padding:0px;
list-style:none;
margin-right:55px;
font-size:12px;
font-family: Arial;
text-transform:uppercase;
display:inline;
}
ul#menu li a {
text-decoration:none;
color:#cc9900;
}
ul#menu li a:hover {
text-decoration:none;
color:#ffffff;
}
ul#submenu {
margin:0px; padding:0px;
position:absolute; top:2px; left:680px;
}
ul#submenu li {
margin:0px; padding:0px;
list-style:none;
margin-right:10px;
font-size:12px;
font-family: Arial;
text-transform:uppercase;
display:inline;
}
ul#submenu li a {
text-decoration:none;
color:#cc9900;
}
ul#submenu li a:hover {
text-decoration:none;
color:#ffffff;
}
/* Header */
#banner {
width: 1000px;
height: 203px;
margin: 0 auto;
color: #FFFFFF;
}
#logo h1, #logo p {
float: left;
margin: 0px;
}
#logo span {
color: #FFFFFF;
}
#logo h1 {
padding-top: 40px;
letter-spacing: -1px;
text-transform: lowercase;
font-weight: normal;
font-size: 2em;
}
#logo p {
display: block;
padding-top: 80px;
text-transform: uppercase;
font-size: 10px;
color: #FFFFFF;
}
#logo a {
border: none;
text-decoration: none;
color: #000000;
}
/*
Content
*/
#account{
position:absolute; top:200px; left:440px;
color: #000000;
}
#adminmenu {
position:absolute; top:5px; left:900px;
color: #000000;
}
#addevent{
position:absolute; top:200px; left:440px;
color: #000000;
}
#loginform {
position:absolute; top:350px; left:740px;
color: #000000;
}
#register{
position:absolute; top:550px; left:540px;
color: #000000;
}
#searchform{
position:absolute; top:60px; left:640px;
color: #000000;
}
#content {
padding-top:400px;
padding-left:85px;
width:815px;
color:#674f5d;
font-size:13px;
line-height:20px;
text-align:justify
}
.column1 { float:left; width:400px; margin-right:30px; }
.column2 { float:left; width:230px; margin-right:30px; }
.column3 { float:left; width:270px; }
/*
General Styles
*/
a img { border:0px }
Edited by dan4domination because: n/a
dan4domination 0 Light Poster
Any ideas?
OS_dev 0 Junior Poster
Any ideas?
What effect are you trying to accomplish here?
dan4domination 0 Light Poster
Just want the Link Add events to show up for only admin so that you can click it. However it wont allow me to do that
OS_dev 0 Junior Poster
Just want the Link Add events to show up for only admin so that you can click it. However it wont allow me to do that
OK, there is generally two ways to write html, including hyperlinks, in php.
first:
<?php
//end parsing php here and start writing html
?>
<a href="http://www.daniweb.com">Daniweb</a>
<?php
//continue writing in php
?>
second:
<?php
//assign a hyperlink to a variable, just in plain text
$strHyperLink = '<a href="http://www.daniweb.com">Daniweb</a>';
//echo your hyperlink to the browser in plain html
echo $strHyperLink;
?>
If the link is not even working correctly, it's probably not your css but rather syntax is incorrect. If you are still having issues, post your code.
Edited by OS_dev because: n/a
dan4domination 0 Light Poster
I understand that. The problem I'm having is adding the following Link into my website so It looks like its meant to be there. Basically I want to style the following link
?>
<a href="http://www.daniweb.com">Daniweb</a>
<?php
OS_dev 0 Junior Poster
I understand that. The problem I'm having is adding the following Link into my website so It looks like its meant to be there. Basically I want to style the following link
?>
<a href="http://www.daniweb.com">Daniweb</a>
<?php
OK, so,
<html>
<head>
<style type="text/css">
/* stick this in your style sheet */
a:link {color:blue;}
a:visited {color:purple;}
a:hover {text-decoration: none; color: green;}
a:active {color: red;text-decoration: none}
a.bold:link {color:blue; font-weight:bold;}
a.bold:visited {color:purple; font-weight:bold;}
a.bold:hover {text-decoration: none; color: green; font-weight:bold;}
a.bold:active {color: red;text-decoration: none; font-weight:bold;}
</style>
</head>
<body>
<a href="http://www.daniweb.com">Daniweb</a><br />
<a class="bold" href="http://www.daniweb.com">Daniweb</a>
</body>
</html>
Edited by OS_dev because: n/a
dan4domination 0 Light Poster
Cool what about how to Position the link?
Would that be within the Class or would I make a DIV?
Edited by dan4domination because: n/a
OS_dev 0 Junior Poster
Cool what about how to Position the link?
Would that be within the Class or would I make a DIV?
That depends, can you describe how you want to position it? Usually I would do this with an id rather than a class. Classes usually identify multiple items where as id only identifies a single item.
Then you have several options available. You will probably want to do some research on css margins and text positioning. The positioning of the link is going to be relative to whatever element the link is in. So if I do a margin-left:100px; in my css, it will position itself 100 pixels from the left edge of the <div> or <td>, that is if my text-align is set to left. If my text-align is set to center and my <div> or <td> is fairly wide, then chances are I won't notice a difference. This is all stuff that can't really be explained in a single forum post but is something that you just have to google and test and beat your head against the wall over for a while. It is more of a concept. But there is documentation all over the internet and it really is only as complicated as you want it to be. I have a lot of appreciation for simple yet tasteful website designs.
OS_dev 0 Junior Poster
And one more thing. Not to offend you but I am helping you quite a bit with PHP because I enjoy PHP and programming in general. Once you start talking about CSS I get bored very easily. CSS is a drag. :)
Edited by OS_dev because: n/a
dan4domination 0 Light Poster
Well I planned on placing it next to the normal menu. I'll fiddle around some more with it.
And fair enough you've helped me a hell of a lot I cant thank you enough.
OS_dev 0 Junior Poster
Well I planned on placing it next to the normal menu. I'll fiddle around some more with it.
And fair enough you've helped me a hell of a lot I cant thank you enough.
no problem.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.