Solved

all I get is a blank page?

Posted on 2008-11-13
76
Medium Priority
474 Views
Last Modified: 2013-12-13
all I get is a blank page for the login script
<?php
error_reporting(E_ALL);
 
	require_once ( 'settings.php' );
 
	if ( array_key_exists ( '_submit_check', $_POST ) )
	{
		if ( $_POST['username'] != '' && $_POST['password'] != '' )
		{
			$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
			if ( $db->RecordCount ( $query ) == 1 )
			{
				$row = $db->getRow ( $query );
				if ( $row->Active == 1 )
				{
					set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
					header ( "Location: " . REDIRECT_AFTER_LOGIN );
				}
				elseif ( $row->Active == 0 ) {
					$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
				}
				elseif ( $row->Active == 2 ) {
					$error = 'You are suspended!';
				}
			}
			else {		
				$error = 'Login failed!';		
			}
		}
		else {
			$error = 'Please use both your username and password to access your account';
		}
	}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title>login</title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
 
</head>
 
<body>
 
	<div id="log">
<?php if ( isset( $error ) ) { echo '			<p class="error">' . $error . '</p>' . "\n";}?>
	</div>
	<div id="container" style="width:230px;">
 
		<form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
 
			<input type="hidden" name="_submit_check" value="1"/> 
		
			<div style="margin-top:12px; margin-bottom:10px">
				<img src="images/username.gif" alt="username" border="0" />
				<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
			</div>
			<div style="margin-bottom:6px">
				<img src="images/password.gif" alt="password" border="0" />
				<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
			</div>
			<?php if ( ALLOW_REMEMBER_ME ):?>
			<div style="margin-bottom:6px">
				<input type="checkbox" name="remember" id="remember" />
				<label for="remember">Remember me</label>
			</div>
			<?php endif;?>
			<input type="image" name="Login" value="Login"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
			<br class="clear" />
			<a href="register.php">Register</a> / <a href="forgot_password.php">Password recovery?</a>
			
		</form>
		
		
	</div>
	
</body>
 
</html>


0
Comment
Question by:sandbudd
74 Comments
 
LVL 15

Expert Comment

by:MMDeveloper
ID: 22952580
I would start commenting out blocks of code until it does work, that way you know which block of code is causing the fatal errors.
0
 

Author Comment

by:sandbudd
ID: 22952600
starting where for example
0
 
LVL 17

Expert Comment

by:nplib
ID: 22952747
start there, then work backwards
<?php
error_reporting(E_ALL);
/* 
        require_once ( 'settings.php' );
 
        if ( array_key_exists ( '_submit_check', $_POST ) )
        {
                if ( $_POST['username'] != '' && $_POST['password'] != '' )
                {
                        $query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
                        if ( $db->RecordCount ( $query ) == 1 )
                        {
                                $row = $db->getRow ( $query );
                                if ( $row->Active == 1 )
                                {
                                        set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
                                        header ( "Location: " . REDIRECT_AFTER_LOGIN );
                                }
                                elseif ( $row->Active == 0 ) {
                                        $error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
                                }
                                elseif ( $row->Active == 2 ) {
                                        $error = 'You are suspended!';
                                }
                        }
                        else {          
                                $error = 'Login failed!';               
                        }
                }
                else {
                        $error = 'Please use both your username and password to access your account';
                }
        }
*/
?>


0
 

Author Comment

by:sandbudd
ID: 22952767
when I comment out the require_once settings it displays?
0
 
LVL 17

Expert Comment

by:nplib
ID: 22952787
then your problem could very well have something to do with settings.php
0
 
LVL 15

Expert Comment

by:MMDeveloper
ID: 22953513
well for example I removed all the HTML, added a few echo statements, and commented out a huge chunk of the code.

if the 2 echo statements process, and also the
<?php
error_reporting(E_ALL);
	echo "requiring";
        require_once ( 'settings.php' );
	echo "required";
        if ( array_key_exists ( '_submit_check', $_POST ) )
        {
               /* if ( $_POST['username'] != '' && $_POST['password'] != '' )
                {
                        $query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
                        if ( $db->RecordCount ( $query ) == 1 )
                        {
                                $row = $db->getRow ( $query );
                                if ( $row->Active == 1 )
                                {
                                        set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
                                        header ( "Location: " . REDIRECT_AFTER_LOGIN );
                                }
                                elseif ( $row->Active == 0 ) {
                                        $error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
                                }
                                elseif ( $row->Active == 2 ) {
                                        $error = 'You are suspended!';
                                }
                        }
                        else {          
                                $error = 'Login failed!';               
                        }
                }
                else {
                        $error = 'Please use both your username and password to access your account';
                }*/
        }
?>
made it this far


0
 
LVL 15

Expert Comment

by:MMDeveloper
ID: 22953525
my bad, soon as I was about to post I got pulled into a meeting, posted when I came back only to see I'm way behind in the conversation :P
0
 

Author Comment

by:sandbudd
ID: 22953544
got it to work but when I do the session start I get a blank page now...lol..

<?php
session_start()
		if ( $_SESSION['logged_in'] ):
	?>
			Content here
	<?php
		endif;
	?>


0
 

Author Comment

by:sandbudd
ID: 22953552
members page
0
 

Author Comment

by:sandbudd
ID: 22953684
do I need to do a session start on the login page?
0
 
LVL 15

Expert Comment

by:MMDeveloper
ID: 22953686
you're missing the ';'
0
 

Author Comment

by:sandbudd
ID: 22953924
I did this and get this error?
Notice: Undefined variable: _SESSION in D:\hshome\sandbudd\sandbuddcustomdesigns.com\login\logged_in.php on line 4

<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
 
		if ( $_SESSION['logged_in'] ):
	?>
			Content here
	<?php
		endif;
	?>


0
 
LVL 17

Expert Comment

by:nplib
ID: 22954076
cause you need session_start(),

but it needs to be at the top of the root page.
not within a included page

like..

only have "1" session_start(),

if you have any in your included pages, remove them.
<?php
session_start();
error_reporting(E_ALL);
 
        require_once ( 'settings.php' );
 
        if ( array_key_exists ( '_submit_check', $_POST ) )
        {
                if ( $_POST['username'] != '' && $_POST['password'] != '' )
                {
...........................


0
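
The session check discussed in the answer above, as an added example that is not part of the thread: one helper starts the session once no matter how many files call it, the `logged_in` test uses `isset()` so it raises no undefined-variable notice, and the redirect is followed by `exit`. It assumes PHP 7.1+; `LOGIN_URL` and the function names are hypothetical.

```php
<?php
// Added example, not code from the thread. Assumes PHP 7.1+.
// LOGIN_URL and all function names here are hypothetical.

const LOGIN_URL = 'login.php';

// Start the session at most once per request. Calling session_start()
// a second time only raises a notice, so entry pages and included files
// can all call this helper instead of session_start() directly.
function ensure_session(): void
{
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }
}

// Pure decision function: takes the session data as an argument so it can
// be exercised without a web server. isset() avoids the notice raised by
// reading $_SESSION['logged_in'] when the key (or the session) is missing.
function is_logged_in(array $session): bool
{
    return isset($session['logged_in'], $session['user_id'])
        && $session['logged_in'] === true;
}

// Guard for the top of a protected page, before any output is sent.
function require_login(): void
{
    ensure_session();
    if (!is_logged_in($_SESSION)) {
        header('Location: ' . LOGIN_URL);
        // header() does not stop the script. Without exit, the rest of the
        // protected page is still generated and sent with the redirect.
        exit;
    }
}

// Constructed sample sessions, runnable from the command line.
if (PHP_SAPI === 'cli') {
    $samples = [
        'no session data'     => [],
        'flag but no user id' => ['logged_in' => true],
        'truthy string flag'  => ['logged_in' => '1', 'user_id' => 1],
        'valid login'         => ['logged_in' => true, 'user_id' => 1],
    ];
    foreach ($samples as $label => $session) {
        printf("%-20s => %s\n", $label, is_logged_in($session) ? 'allow' : 'redirect');
    }
}
```

Only the last sample prints `allow`; the other three print `redirect`.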
 

Author Comment

by:sandbudd
ID: 22954252
Okay here is the sign in page...

<?php
error_reporting(E_ALL);
 
	require_once ( 'settings.php' );
 
	if ( array_key_exists ( '_submit_check', $_POST ) )
	{
		if ( $_POST['username'] != '' && $_POST['password'] != '' )
		{
			$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
			if ( $db->RecordCount ( $query ) == 1 )
			{
				$row = $db->getRow ( $query );
				if ( $row->Active == 1 )
				{
					set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
					header ( "Location: " . REDIRECT_AFTER_LOGIN );
				}
				elseif ( $row->Active == 0 ) {
					$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
				}
				elseif ( $row->Active == 2 ) {
					$error = 'You are suspended!';
				}
			}
			else {		
				$error = 'Login failed!';		
			}
		}
		else {
			$error = 'Please use both your username and password to access your account';
		}
	}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title></title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
 
</head>
 
<body>
 
	<div id="log">
<?php if ( isset( $error ) ) { echo '			<p class="error">' . $error . '</p>' . "\n";}?>
	</div>
	<div id="container" style="width:230px;">
 
		<form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
 
			<input type="hidden" name="_submit_check" value="1"/> 
		
			<div style="margin-top:12px; margin-bottom:10px">
				<img src="images/username.gif" alt="username" border="0" />
				<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
			</div>
			<div style="margin-bottom:6px">
				<img src="images/password.gif" alt="password" border="0" />
				<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
			</div>
			<?php if ( ALLOW_REMEMBER_ME ):?>
			<div style="margin-bottom:6px">
				<input type="checkbox" name="remember" id="remember" />
				<label for="remember">Remember me</label>
			</div>
			<?php endif;?>
			<input type="image" name="Login" value="Login"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
			<br class="clear" />
			<a href="register.php">Register</a> / <a href="forgot_password.php">Password recovery?</a>
			
		</form>
		
		
	</div>
	
</body>
 
</html>


0
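
The credential check from the sign-in page above, in a hardened form, as an added example that is not part of the thread: the lookup uses a bound parameter instead of string concatenation, the password is stored with `password_hash()` and checked with `password_verify()` instead of an unsalted `md5()` comparison in SQL, and the session ID is regenerated on success. It assumes PHP 7.1+ with the `pdo_sqlite` extension; the in-memory table, its rows and the function names are constructed for the demonstration.

```php
<?php
// Added example, not code from the thread. Assumes PHP 7.1+ with pdo_sqlite.
// The table rows are constructed sample data; function names are hypothetical.

function make_demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (
        ID INTEGER PRIMARY KEY,
        Username TEXT UNIQUE NOT NULL,
        Password TEXT NOT NULL,
        Active INTEGER NOT NULL DEFAULT 0)');
    $ins = $pdo->prepare('INSERT INTO users (Username, Password, Active) VALUES (?, ?, ?)');
    // Same Active values as the thread: 1 = active, 0 = not activated, 2 = suspended.
    $ins->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT), 1]);
    $ins->execute(['bob',   password_hash('hunter2', PASSWORD_DEFAULT), 0]);
    $ins->execute(['carol', password_hash('letmein', PASSWORD_DEFAULT), 2]);
    return $pdo;
}

// Returns ['ok' => bool, 'user_id' => int|null, 'error' => string|null].
function check_login(PDO $pdo, string $username, string $password): array
{
    // The username is bound as data, never spliced into the SQL text.
    // Only the username is matched in SQL; the password is compared in PHP.
    $stmt = $pdo->prepare('SELECT ID, Password, Active FROM users WHERE Username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // password_verify() reads the salt and cost from the stored hash.
    if ($row === false || !password_verify($password, $row['Password'])) {
        return ['ok' => false, 'user_id' => null, 'error' => 'Login failed!'];
    }

    switch ((int) $row['Active']) {
        case 1:
            return ['ok' => true, 'user_id' => (int) $row['ID'], 'error' => null];
        case 0:
            return ['ok' => false, 'user_id' => null, 'error' => 'Your membership was not activated.'];
        default:
            return ['ok' => false, 'user_id' => null, 'error' => 'You are suspended!'];
    }
}

// Web-only step after a successful check (not called in the CLI demo).
function complete_login(int $userId, string $redirectTo): void
{
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }
    session_regenerate_id(true);   // new session ID once the user is authenticated
    $_SESSION['user_id'] = $userId;
    $_SESSION['logged_in'] = true;
    header('Location: ' . $redirectTo);
    exit;                          // stop here so nothing else is sent after the redirect
}

// Constructed login attempts, runnable from the command line.
if (PHP_SAPI === 'cli') {
    $pdo = make_demo_db();
    $attempts = [
        ['alice', 'correct horse'],   // ok
        ['alice', 'wrong'],           // Login failed!
        ['bob', 'hunter2'],           // not activated
        ['carol', 'letmein'],         // suspended
        ["o'neil", 'anything'],       // quote in the name is handled as plain data
    ];
    foreach ($attempts as [$user, $pass]) {
        $result = check_login($pdo, $user, $pass);
        printf("%-8s => %s\n", $user, $result['ok'] ? 'ok (id ' . $result['user_id'] . ')' : $result['error']);
    }
}
```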
 

Author Comment

by:sandbudd
ID: 22954270
here is the members page and it takes me back to the sign in page...I checked the database and the information is there...


<?php 
	require_once('settings.php');
	checkLogin('1 2');
 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title>Login System With Admin Features</title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
</head>
 
<body>
 
	<div id="container" style="text-align:center;width:230px;">
 
<?php
	echo 'Hello <em><b><u>' . get_username ( $_SESSION['user_id'] ) . '</u></b></em>!<br />You are now logged in.<br /><br /><a href="update_profile.php" title="update your profile">Click here</a> to update your profile.';
	
	/* we show the manage users link only if the logged in member has admin rights */
	if ( isadmin ( $_SESSION['user_id'] ) ):
?>
	<br /><br />
	It seems that you're an admin. You may <a href="manage_users.php" title="manage users">manage users</a> or <a href="admin_settings.php" title="edit site settings">edit site settings</a>.
<?php
	endif;
?>
	<br /><br />
	
	<a href="logout.php">logout</a>
		
	</div>
	
</body>
 
</html>


0
 

Author Comment

by:sandbudd
ID: 22954288
Here is my database structure...


-- phpMyAdmin SQL Dump
-- version 2.11.8.1
-- http://www.phpmyadmin.net
--
-- Host: 127.0.0.1:3306
-- Generation Time: Nov 13, 2008 at 02:39 PM
-- Server version: 4.1.20
-- PHP Version: 4.3.11
 
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
 
--
-- Database: `sandbud_clients`
--
 
-- --------------------------------------------------------
 
--
-- Table structure for table `users`
--
 
CREATE TABLE IF NOT EXISTS `users` (
  `ID` int(11) NOT NULL auto_increment,
  `Username` varchar(255) NOT NULL default '',
  `Password` varchar(255) NOT NULL default '',
  `date_registered` int(11) NOT NULL default '0',
  `Temp_pass` varchar(55) default NULL,
  `Temp_pass_active` tinyint(1) NOT NULL default '0',
  `Email` varchar(255) NOT NULL default '',
  `Active` int(11) NOT NULL default '0',
  `Level_access` int(11) NOT NULL default '2',
  `Random_key` varchar(32) default NULL,
  PRIMARY KEY  (`ID`),
  UNIQUE KEY `Username` (`Username`),
  UNIQUE KEY `Email` (`Email`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
 
--
-- Dumping data for table `users`
--
 
INSERT INTO `users` (`ID`, `Username`, `Password`, `date_registered`, `Temp_pass`, `Temp_pass_active`, `Email`, `Active`, `Level_access`, `Random_key`) VALUES
(1, 'sandbudd', '227dd828170f456f4fb2ac146846470b', 1226608160, NULL, 0, 'info@sandbuddcustomdesigns.com', 1, 1, 'id61EyYHuBlguD8fg5eG7d9hVfWR1hQg');


0
 

Author Comment

by:sandbudd
ID: 22954299
If you need any other files let me know as I am at a loss
0
 
LVL 17

Expert Comment

by:nplib
ID: 22959685
post your settings.php
0
 

Author Comment

by:sandbudd
ID: 22959703
settings.php
<?php
require ( 'lib/connection.php' );			
require ( 'functions.php' );				
define ( "HOSTNAME", "" );			
define ( "DATABASE", "" );				
define ( "DBUSER", "" );			
define ( "DBPASS", "" );			
define ( "DBPREFIX", "" );				
define ( "APPLICATION_URL", "http://www.sandbudd.com/login/" );
define ( "APPLICATION_FOLDER", "login" );		
define ( "REDIRECT_TO_LOGIN", "login.php" );		
define ( "REDIRECT_AFTER_LOGIN", "members.php" );	
define ( "REDIRECT_ON_LOGOUT", "login.php" );		
define ( "ADMIN_EMAIL", "info@sandbudd.com" );
define ( "KEEP_LOGGED_IN_FOR", 60*60*24*100 );		
define ( "COOKIE_PATH", "/" );				
define ( "DOMAIN_NAME", "www.sandbudd.com" );		
define ( "RUN_ON_DEVELOPMENT", TRUE );			
define ( "REDIRECT_AFTER_CONFIRMATION", TRUE );		
define ( "ALLOW_USERNAME_CHANGE", FALSE );		
define ( "ALLOW_REMEMBER_ME", TRUE );			
 
 
 
define ( "USE_SMTP", FALSE );				
define ( "SMTP_PORT", "" );				
define ( "SMTP_HOST", "" );		
define ( "SMTP_USER", "" );		
define ( "SMTP_PASS", "" );		
define ( "MAIL_IS_HTML", FALSE );			
 
 
if ( function_exists ( 'realpath' ) AND @realpath ( dirname (__FILE__) ) !== FALSE )
{
	define ( "BASE_PATH", str_replace ( "\\", "/", realpath ( dirname(__FILE__) ) ) . '/' );
}
 
 
//how do we handle errors
error_reporting ( ( RUN_ON_DEVELOPMENT ) ? E_ALL : E_WARNING );
if ( file_exists ( BASE_PATH . 'install.php' ) )
{
	die ( "Please delete install.php from your server before continuing!" );
}
 
 
$db = new db ( DBUSER, DBPASS, DATABASE, HOSTNAME );	
?>


0
 
LVL 17

Expert Comment

by:nplib
ID: 22959723
ok post connections.php and functions.php
0
 

Author Comment

by:sandbudd
ID: 22959748
connection.php
<?
 
	
	define("EZSQL_VERSION","1.01");
	define("OBJECT","OBJECT",true);
	define("ARRAY_A","ARRAY_A",true);
	define("ARRAY_N","ARRAY_N",true);
 
	// ==================================================================
	//	The Main Class
	
	class db {
	
		// ==================================================================
		//	DB Constructor - connects to the server and selects a database
		
		function db($dbuser, $dbpassword, $dbname, $dbhost)
		{
	
			$this->dbh = @mysql_connect($dbhost,$dbuser,$dbpassword);
			
			if ( ! $this->dbh )
			{
				$this->print_error("<ol><b>Error establishing a database connection!</b><li>Are you sure you have the correct user/password?<li>Are you sure that you have typed the correct hostname?<li>Are you sure that the database server is running?</ol>");
			}
			
				
			$this->select($dbname);
		
		}
		
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
	
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
	
		// ==================================================================
		//	Basic Query	- see docs for more detail
		
		function query($query, $output = OBJECT) 
		{
			
			// Log how the function was called
			$this->func_call = "\$db->query(\"$query\", $output)";		
			
			// Kill this
			$this->last_result = null;
			$this->col_info = null;
	
			// Keep track of the last query for debug..
			$this->last_query = $query;
			
			// Perform the query via std mysql_query function..
			$this->result = mysql_query($query,$this->dbh);
	
			if ( mysql_error() ) 
			{				
				// If there is an error then take note of it..
				$this->print_error();
				return FALSE;	
			}
			else {
	
				// In other words if this was a select statement..
				if ( $this->result )
				{
	
					// =======================================================
					// Take note of column info
					
					$i=0;
					while ($i < @mysql_num_fields($this->result))
					{
						$this->col_info[$i] = @mysql_fetch_field($this->result);
						$i++;
					}
	
					// =======================================================				
					// Store Query Results
					
					$i=0;
					while ( $row = @mysql_fetch_object($this->result) )
					{ 
	
						// Store results as objects within main array
						$this->last_result[$i] = $row;
						
						$i++;
					}
					
					@mysql_free_result($this->result);
				}
				
				return TRUE;
	
			}
		}
		
		// ==================================================================
		//
		
		function RecordCount ( $query )
		{
			return mysql_num_rows ( mysql_query ( $query ) );
		}
		
		// ==================================================================
		//
		
		function Mresult ( $query, $a, $b )
		{
			return mysql_result ( mysql_query ( $query ), $a, $b );
		}
		
		/**
		 * Correctly quotes a string so that all strings are escape coded.
		 * 
		 * @param string			the string to quote
		 * @param [magic_quotes]	if $s is GET/POST var, set to get_magic_quotes_gpc().
		 */
 
		function qstr ( $string, $magic_quotes = false )
		{
			if (!$magic_quotes) {
				if (strnatcmp(PHP_VERSION, '4.3.0') >= 0) {
					return "'" . mysql_real_escape_string($string) . "'";
				}
				$string = str_replace("'", "\\'" , str_replace('\\', '\\\\', str_replace("\0", "\\\0", $string)));
				return  "'" . $string . "'"; 
			}
			return "'" . str_replace('\\"', '"', $string) . "'";
		}
	
		// ==================================================================
		//	Get one variable from the DB - see docs for more detail
		
		function get_var($query=null,$x=0,$y=0)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_var(\"$query\",$x,$y)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract var out of cached results based x,y vals
			if ( $this->last_result[$y] )
			{
				$values = array_values(get_object_vars($this->last_result[$y]));
			}
			
			// If there is a value return it else return null
			return $values[$x]?$values[$x]:null;
		}
	
		// ==================================================================
		//	Get one row from the DB - see docs for more detail
		
		function getRow($query=null,$y=0,$output=OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->getRow(\"$query\",$y,$output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
	
			// If the output is an object then return object using the row offset..
			if ( $output == OBJECT )
			{
				return $this->last_result[$y]?$this->last_result[$y]:null;
			}
			// If the output is an associative array then return row as such..
			elseif ( $output == ARRAY_A )
			{
				return $this->last_result[$y]?get_object_vars($this->last_result[$y]):null;	
			}
			// If the output is an numerical array then return row as such..
			elseif ( $output == ARRAY_N )
			{
				return $this->last_result[$y]?array_values(get_object_vars($this->last_result[$y])):null;
			}
			// If invalid output type was specified..
			else
			{
				$this->print_error(" \$db->getRow(string query,int offset,output type) -- Output type must be one of: OBJECT, ARRAY_A, ARRAY_N ");	
			}
	
		}
	
		// ==================================================================
		//	Function to get 1 column from the cached result set based in X index
		// see docs for usage and info
	
		function get_col($query=null,$x=0)
		{
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract the column values
			for ( $i=0; $i < count($this->last_result); $i++ )
			{
				$new_array[$i] = $this->get_var(null,$x,$i);
			}
			
			return $new_array;
		}
	
		// ==================================================================
		// Return the query as a result set - see docs for more details
		
		function get_results($query=null, $output = OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_results(\"$query\", $output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}		
	
			// Send back array of objects. Each row is an object		
			if ( $output == OBJECT )
			{
				return $this->last_result; 
			}
			elseif ( $output == ARRAY_A || $output == ARRAY_N )
			{
				if ( $this->last_result )
				{
					$i=0;
					foreach( $this->last_result as $row )
					{
						
						$new_array[$i] = get_object_vars($row);
						
						if ( $output == ARRAY_N )
						{
							$new_array[$i] = array_values($new_array[$i]);
						}
	
						$i++;
					}
				
					return $new_array;
				}
				else
				{
					return null;	
				}
			}
		}
	
	
		// ==================================================================
		// Function to get column meta data info pertaining to the last query
		// see docs for more info and usage
		
		function get_col_info($info_type="name",$col_offset=-1)
		{
	
			if ( $this->col_info )
			{
				if ( $col_offset == -1 )
				{
					$i=0;
					foreach($this->col_info as $col )
					{
						$new_array[$i] = $col->{$info_type};
						$i++;
					}
					return $new_array;
				}
				else
				{
					return $this->col_info[$col_offset]->{$info_type};
				}
			
			}
			
		}
	
	
		// ==================================================================
		// Dumps the contents of any input variable to screen in a nicely
		// formatted and easy to understand way - any type: Object, Var or Array
	
		function vardump($mixed)
		{
 
			echo "<blockquote><font color=000090>";
			echo "<pre><font face=arial>";
			
			if ( ! $this->vardump_called )
			{
				echo "<font color=800080><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Variable Dump..</b></font>\n\n";
			}
	
			print_r($mixed);	
			echo "\n\n<b>Last Query:</b> ".($this->last_query?$this->last_query:"NULL")."\n";
			echo "<b>Last Function Call:</b> " . ($this->func_call?$this->func_call:"None")."\n";
			echo "<b>Last Rows Returned:</b> ".count($this->last_result)."\n";
			echo "</font></pre></font></blockquote>";
			echo "\n<hr size=1 noshade color=dddddd>";
			
			$this->vardump_called = true;
 
		}
	
		// Alias for the above function	
		function dumpvars($mixed)
		{
			$this->vardump($mixed);	
		}
	
		// ==================================================================
		// Displays the last query string that was sent to the database & a 
		// table listing results (if there were any). 
		// (abstracted into a separate file to save server overhead).
		
		function debug()
		{
			
			echo "<blockquote>";
	
			// Only show ezSQL credits once..
			if ( ! $this->debug_called )
			{
				echo "<font color=800080 face=arial size=2><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Debug..</b></font><p>\n";
			}
			echo "<font face=arial size=2 color=000099><b>Query --</b> ";
			echo "[<font color=000000><b>$this->last_query</b></font>]</font><p>";
	
				echo "<font face=arial size=2 color=000099><b>Query Result..</b></font>";
				echo "<blockquote>";
				
			if ( $this->col_info )
			{
				
				
				
				echo "<table cellpadding=5 cellspacing=1 bgcolor=555555>";
				echo "<tr bgcolor=eeeeee><td nowrap valign=bottom><font color=555599 face=arial size=2><b>(row)</b></font></td>";
	
	
				for ( $i=0; $i < count($this->col_info); $i++ )
				{
					echo "<td nowrap align=left valign=top><font size=1 color=555599 face=arial>{$this->col_info[$i]->type} {$this->col_info[$i]->max_length}<br><font size=2><b>{$this->col_info[$i]->name}</b></font></td>";
				}
	
				echo "</tr>";
	
				// ======================================================
				// print main results
	
			if ( $this->last_result )
			{
	
				$i=0;
				foreach ( $this->get_results(null,ARRAY_N) as $one_row )
				{
					$i++;
					echo "<tr bgcolor=ffffff><td bgcolor=eeeeee nowrap align=middle><font size=2 color=555599 face=arial>$i</font></td>";
	
					foreach ( $one_row as $item )
					{
						echo "<td nowrap><font face=arial size=2>$item</font></td>";	
					}
	
					echo "</tr>";				
				}
	
			} // if last result
			else
			{
				echo "<tr bgcolor=ffffff><td colspan=".(count($this->col_info)+1)."><font face=arial size=2>No Results</font></td></tr>";			
			}
	
			echo "</table>";		
	
			} // if col_info
			else
			{
				echo "<font face=arial size=2>No Results</font>";			
			}
			
			echo "</blockquote></blockquote><hr noshade color=dddddd size=1>";
			
			
			$this->debug_called = true;
		}
	
	
	}
 
?>


0
 

Author Comment

by:sandbudd
ID: 22959765
functions.php
<?php
	
	function checkLogin ( $levels )
	{
		session_start ();
		global $db;
		$kt = split ( ' ', $levels );
		
		if ( ! $_SESSION['logged_in'] ) {
		
			$access = FALSE;
			
			if ( isset ( $_COOKIE['cookie_id'] ) ) {
			
				$query =  'SELECT * FROM ' . DBPREFIX . 'users WHERE ID = ' . $db->qstr ( $_COOKIE['cookie_id'] );
 
				if ( $db->RecordCount ( $query ) == 1 ) {
					$row = $db->getRow ( $query );
					
					
					if ( $_COOKIE['authenticate'] == md5 ( getIP () . $row->Password . $_SERVER['USER_AGENT'] ) ) {
						
						$_SESSION['user_id'] = $row->ID;				
						$_SESSION['logged_in'] = TRUE;
						
						
						if ( in_array ( get_level_access ( $_SESSION['user_id'] ), $kt ) ) {
						
							$access = TRUE;
						}
					}
				}
			}
		}
		else {			
			$access = FALSE;
			
			if ( in_array ( get_level_access ( $_SESSION['user_id'] ), $kt ) ) {
				$access = TRUE;
			}
		}
		
		if ( $access == FALSE ) {
			header ( "Location: " . REDIRECT_TO_LOGIN );
		}		
	}
	
	
	
	function get_level_access ( $user_id )
	{
		global $db;
		$row = $db->getRow ( 'SELECT Level_access FROM ' . DBPREFIX . 'users WHERE ID = ' . $db->qstr ( $user_id ) );
		return $row->Level_access;
	}
	
	
	
	function logout ()
	{
		
		session_start ();
	
		
		if ( $_SESSION['logged_in'] == TRUE )
		{	
			
			unset ( $_SESSION ); 
			
			session_destroy (); 
		}
		
		
		if ( isset ( $_COOKIE['cookie_id'] ) && isset ( $_COOKIE['authenticate'] ) ) {
			
			setcookie ( "cookie_id", '', time() - KEEP_LOGGED_IN_FOR, COOKIE_PATH );
			setcookie ( "authenticate", '', time() - KEEP_LOGGED_IN_FOR, COOKIE_PATH );
		}
		
		
		header ( "Location: " . REDIRECT_ON_LOGOUT );
	}
	
	
	
	function clear_cookies ()
	{
		
		if ( isset( $_SERVER['HTTP_COOKIE'] ) ) {
			$cookies = explode ( ';', $_SERVER['HTTP_COOKIE'] );
			
			foreach ( $cookies as $cookie ) {
				$parts = explode ( '=', $cookie );
				$name = trim ( $parts [ 0 ] );
				setcookie ( $name, '', time() - KEEP_LOGGED_IN_FOR );
				setcookie ( $name, '', time() - KEEP_LOGGED_IN_FOR, '/' );
			}
		}
	}
	
	
	function set_login_sessions ( $user_id, $password, $remember )
	{
		
		session_start();
		
		
		$_SESSION['user_id'] = $user_id;
		$_SESSION['logged_in'] = TRUE;
		
		
		if ( $remember ) {
			setcookie ( "cookie_id", $user_id, time() + KEEP_LOGGED_IN_FOR, COOKIE_PATH );
			setcookie ( "authenticate", md5 ( getIP () . $password . $_SERVER['USER_AGENT'] ), time() + KEEP_LOGGED_IN_FOR, COOKIE_PATH );
		}
	}
	
	
	function valid_email ( $str )
	{
		return ( ! preg_match ( "/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str ) ) ? FALSE : TRUE;
	}
 
	
	function checkUnique ( $field, $compared )
	{
		global $db;
 
		$query = $db->getRow ( "SELECT COUNT(*) as total FROM `" . DBPREFIX . "users` WHERE " . $field . " = " . $db->qstr ( $compared ) );
 
		if ( $query->total == 0 ) {
			return TRUE;
		}
		else {
			return FALSE;
		}
	}
 
	
	function numeric ( $str )
	{
		return ( ! ereg ( "^[0-9\.]+$", $str ) ) ? FALSE : TRUE;
	}
	
	
	function alpha_numeric ( $str )
	{
		return ( ! preg_match ( "/^([-a-z0-9])+$/i", $str ) ) ? FALSE : TRUE;
	}
	
	
	function random_string ( $type = 'alnum', $len = 8 )
	{					
		switch ( $type )
		{
			case 'alnum'	:
			case 'numeric'	:
			case 'nozero'	:
			
					switch ($type)
					{
						case 'alnum'	:	$pool = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
							break;
						case 'numeric'	:	$pool = '0123456789';
							break;
						case 'nozero'	:	$pool = '123456789';
							break;
					}
	
					$str = '';
					for ( $i=0; $i < $len; $i++ )
					{
						$str .= substr ( $pool, mt_rand ( 0, strlen ( $pool ) -1 ), 1 );
					}
					return $str;
			break;
			case 'unique' : return md5 ( uniqid ( mt_rand () ) );
			break;
		}
	}
 
	
	function get_username ( $id )
	{
		global $db;
		
		$query = "SELECT `Username` FROM `" . DBPREFIX . "users` WHERE `ID` = " . $db->qstr ( $id );
		
		if ( $db->RecordCount ( $query ) == 1 )
		{
			$row = $db->getRow ( $query );
			
			return $row->Username;
		}
		else {
			return FALSE;
		}
	}
	
	
	function isadmin ( $id )
	{
		global $db;
		
		$query = "SELECT `Level_access` FROM `" . DBPREFIX . "users` WHERE `ID` = " . $db->qstr ( $id );
		
		if ( $db->RecordCount ( $query ) == 1 )
		{
			$row = $db->getRow ( $query );
			
			if ( $row->Level_access == 1 )
			{
				return TRUE;
			}
			else {
				return FALSE;
			}
		}
		else {
			return FALSE;
		}
	}
	
	
	function html2txt ( $document )
	{
		$search = array("'<script[^>]*?>.*?</script>'si",	
				"'<[\/\!]*?[^<>]*?>'si",		
				"'([\r\n])[\s]+'",			
				"'@<![\s\S]*?[ \t\n\r]*>@'",
				"'&(quot|#34|#034|#x22);'i",	
				"'&(amp|#38|#038|#x26);'i",		
				"'&(lt|#60|#060|#x3c);'i",
				"'&(gt|#62|#062|#x3e);'i",
				"'&(nbsp|#160|#xa0);'i",
				"'&(iexcl|#161);'i",
				"'&(cent|#162);'i",
				"'&(pound|#163);'i",
				"'&(copy|#169);'i",
				"'&(reg|#174);'i",
				"'&(deg|#176);'i",
				"'&(#39|#039|#x27);'",
				"'&(euro|#8364);'i",			
				"'&a(uml|UML);'",			
				"'&o(uml|UML);'",
				"'&u(uml|UML);'",
				"'&A(uml|UML);'",
				"'&O(uml|UML);'",
				"'&U(uml|UML);'",
				"'&szlig;'i",
				);
		$replace = array(	"",
					"",
					" ",
					"\"",
					"&",
					"<",
					">",
					" ",
					chr(161),
					chr(162),
					chr(163),
					chr(169),
					chr(174),
					chr(176),
					chr(39),
					chr(128),
					"ä",
					"ö",
					"ü",
					"Ä",
					"Ö",
					"Ü",
					"ß",
				);
 
		$text = preg_replace($search,$replace,$document);
 
		return trim ( $text );
	}
	
	
	function send_email ( $subject, $to, $body )
	{
		require ( BASE_PATH . "/lib/phpmailer/class.phpmailer.php" );
		
		$mail = new PHPMailer();
		
		
		if ( USE_SMTP ) {
			$mail->IsSMTP();
			$mail->SMTPAuth = true;
			$mail->Host = SMTP_HOST;
			$mail->Port = SMTP_PORT;
			$mail->Password = SMTP_PASS;
			$mail->Username = SMTP_USER;
		}
 
		$mail->From = ADMIN_EMAIL;
		$mail->FromName = DOMAIN_NAME;
		$mail->AddAddress( $to );
		$mail->AddReplyTo ( ADMIN_EMAIL, DOMAIN_NAME );
		$mail->Subject = $subject;
		$mail->Body = $body;
		$mail->WordWrap = 100;
		$mail->IsHTML ( MAIL_IS_HTML );
		$mail->AltBody  =  html2txt ( $body );
 
		if ( ! $mail->Send() ) {
			if ( RUN_ON_DEVELOPMENT ) {
				echo $mail->ErrorInfo;
			}
			return FALSE;
		}
		else {
			return TRUE;
		}
	}
	
	
	function ip_first ( $ips ) 
	{
		if ( ( $pos = strpos ( $ips, ',' ) ) != false ) {
			return substr ( $ips, 0, $pos );
		} 
		else {
			return $ips;
		}
	}
	
 
 
	function ip_valid ( $ips )
	{
		if ( isset( $ips ) ) {
			$ip    = ip_first ( $ips );
			$ipnum = ip2long ( $ip );
			if ( $ipnum !== -1 && $ipnum !== false && ( long2ip ( $ipnum ) === $ip ) ) {
				if ( ( $ipnum < 167772160   || $ipnum > 184549375 ) && 
				( $ipnum < - 1408237568 || $ipnum > - 1407188993 ) && 
				( $ipnum < - 1062731776 || $ipnum > - 1062666241 ) )   
				return true;
			}
		}
		return false;
	}
	
	
	function getIP () 
	{
		$check = array(
				'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_FORWARDED_FOR',
				'HTTP_FORWARDED', 'HTTP_VIA', 'HTTP_X_COMING_FROM', 'HTTP_COMING_FROM',
				'HTTP_CLIENT_IP'
				);
 
		foreach ( $check as $c ) {
			if ( ip_valid ( &$_SERVER [ $c ] ) ) {
				return ip_first ( $_SERVER [ $c ] );
			}
		}
 
		return $_SERVER['REMOTE_ADDR'];
	}
	
	
	
	function sanitize ( $var, $santype = 3 )
	{
		if ( $santype == 1 ) {
			return strip_tags ( $var );
		}
		if ( $santype == 2 ) {
			return htmlentities ( strip_tags ( $var ), ENT_QUOTES, 'UTF-8' );
		}
		if ( $santype == 3 ) {
			if ( ! get_magic_quotes_gpc () ) {
				return addslashes ( htmlentities ( strip_tags ( $var ), ENT_QUOTES, 'UTF-8' ) );
			}
			else {
			   return htmlentities ( strip_tags ( $var ), ENT_QUOTES, 'UTF-8' );
			}
		}
	}
?>


0
 
LVL 17

Expert Comment

by:nplib
ID: 22959798
From what I see, in your settings.php, you define DBUSER, DBPASS, DATABASE, HOSTNAME as empty variables, then try to use them to connect to your DB.

These need to have values, this could be causing your blank page.

Plus you will need session_start() where I told you to place it.
0
 

Author Comment

by:sandbudd
ID: 22959832
I just took those out so they were not published on the net...I can populate the database just fine...for example to sign up..  where and which file do I put the session_start please?
0
 

Author Comment

by:sandbudd
ID: 22959837
it is in the functions file?
0
 
LVL 17

Expert Comment

by:nplib
ID: 22959855

<?php
session_start();
error_reporting(E_ALL);
 
        require_once ( 'settings.php' );
 
        if ( array_key_exists ( '_submit_check', $_POST ) )
        {
                if ( $_POST['username'] != '' && $_POST['password'] != '' )
                {
...........................


0
 

Author Comment

by:sandbudd
ID: 22959867
which file login.php?
0
 
LVL 17

Expert Comment

by:nplib
ID: 22959886
I guess so, the one that started this post.

you never specified its exact file name.
0
 

Author Comment

by:sandbudd
ID: 22959902
that's the login script...I add this and still goes back to the login page
<?php
session_start();
error_reporting(E_ALL);
 
        require_once ( 'settings.php' );
 
        if ( array_key_exists ( '_submit_check', $_POST ) )
        {
                if ( $_POST['username'] != '' && $_POST['password'] != '' )
                {
 
			$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
			if ( $db->RecordCount ( $query ) == 1 )
			{
				$row = $db->getRow ( $query );
				if ( $row->Active == 1 )
				{
					set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
					header ( "Location: " . REDIRECT_AFTER_LOGIN );
				}
				elseif ( $row->Active == 0 ) {
					$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
				}
				elseif ( $row->Active == 2 ) {
					$error = 'You are suspended!';
				}
			}
			else {		
				$error = 'Login failed!';		
			}
		}
		else {
			$error = 'Please use both your username and password to access your account';
		}
	}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title></title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
 
</head>
 
<body>
 
	<div id="log">
<?php if ( isset( $error ) ) { echo '			<p class="error">' . $error . '</p>' . "\n";}?>
	</div>
	<div id="container" style="width:230px;">
 
		<form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
 
			<input type="hidden" name="_submit_check" value="1"/> 
		
			<div style="margin-top:12px; margin-bottom:10px">
				<img src="images/username.gif" alt="username" border="0" />
				<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
			</div>
			<div style="margin-bottom:6px">
				<img src="images/password.gif" alt="password" border="0" />
				<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
			</div>
			<?php if ( ALLOW_REMEMBER_ME ):?>
			<div style="margin-bottom:6px">
				<input type="checkbox" name="remember" id="remember" />
				<label for="remember">Remember me</label>
			</div>
			<?php endif;?>
			<input type="image" name="Login" value="Login"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
			<br class="clear" />
			<a href="register.php">Register</a> / <a href="forgot_password.php">Password recovery?</a>
			
		</form>
		
		
	</div>
	
</body>
 
</html>


0
 
LVL 17

Expert Comment

by:nplib
ID: 22959918
I thought your problem was you were getting a blank screen?
0
 

Author Comment

by:sandbudd
ID: 22960065
oh heck I'm sorry...got it to where the login page shows up but now what is happening is when I go to log in it is supposed to go to members page but defaults and redirects back to the sign in page.
0
 

Author Comment

by:sandbudd
ID: 22960089
for a new member works fine and populates the database
0
 

Author Comment

by:sandbudd
ID: 22960099
but then when trying to sign in it redirects to the login page instead of the members page...
0
 

Author Comment

by:sandbudd
ID: 22960390
are you still there?
0
 
LVL 17

Expert Comment

by:nplib
ID: 22961021
post your members.php file
0
 

Author Comment

by:sandbudd
ID: 22961330
members.php
<?php 
 
	require_once('settings.php');
	checkLogin('1 2');
 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title></title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
</head>
 
<body>
 
	<div id="container" style="text-align:center;width:230px;">
 
<?php
	echo 'Hello <em><b><u>' . get_username ( $_SESSION['user_id'] ) . '</u></b></em>!<br />You are now logged in.<br /><br /><a href="update_profile.php" title="update your profile">Click here</a> to update your profile.';
	
	/* we show the manage users link only if the logged in member has admin rights */
	if ( isadmin ( $_SESSION['user_id'] ) ):
?>
	<br /><br />
	It seems that you're an admin. You may <a href="manage_users.php" title="manage users">manage users</a> or <a href="admin_settings.php" title="edit site settings">edit site settings</a>.
<?php
	endif;
?>
	<br /><br />
	
	<a href="logout.php">logout</a>
		
	</div>
	
</body>
 
</html>


0
 
LVL 17

Expert Comment

by:nplib
ID: 22961363
remove session_start() from functions.php

add session_start() to the top of members.php
0
 

Author Comment

by:sandbudd
ID: 22961397
now I get a blank page?
0
 
LVL 17

Expert Comment

by:nplib
ID: 22961430
k, now we are getting somewhere.

do this to your members.php

and make sure you remove session_start() from functions.php
<?php
session_start();
error_reporting(E_ALL);
 
require_once('settings.php');
checkLogin('1 2');
 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title></title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
</head>
 
<body>
 
	<div id="container" style="text-align:center;width:230px;">
 
<?php
	echo 'Hello <em><b><u>' . get_username ( $_SESSION['user_id'] ) . '</u></b></em>!<br />You are now logged in.<br /><br /><a href="update_profile.php" title="update your profile">Click here</a> to update your profile.';
	
	/* we show the manage users link only if the logged in member has admin rights */
	if ( isadmin ( $_SESSION['user_id'] ) ):
?>
	<br /><br />
	It seems that you're an admin. You may <a href="manage_users.php" title="manage users">manage users</a> or <a href="admin_settings.php" title="edit site settings">edit site settings</a>.
<?php
	endif;
?>
	<br /><br />
	
	<a href="logout.php">logout</a>
		
	</div>
	
</body>
 
</html>


0
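
The advice above (call session_start() at the top of each page that reads $_SESSION, before checkLogin() runs) can be wrapped in a guard. This is an added example, not code from the thread or from the login script's author: the helper names (start_session_once, access_decision, require_login, mark_logged_in) and the sample user levels are hypothetical, and it assumes PHP 7.1 or later.

```php
<?php
// Added example (not the thread's code). All function names are hypothetical.

/**
 * Start the session exactly once per request, before any output is sent.
 * Calling it from both the page and a helper is then harmless.
 */
function start_session_once(): void
{
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }
}

/**
 * Pure access decision for the space-separated level list used by
 * checkLogin('1 2'). $levelOf maps a user id to its access level
 * (a database lookup in a real application).
 */
function access_decision(array $session, string $levels, callable $levelOf): bool
{
    // If session_start() was never called, $_SESSION is empty and this
    // branch is taken: the visitor is treated as logged out.
    if (empty($session['logged_in']) || !isset($session['user_id'])) {
        return false;
    }
    $allowed = preg_split('/\s+/', trim($levels), -1, PREG_SPLIT_NO_EMPTY);
    return in_array((string) $levelOf($session['user_id']), $allowed, true);
}

/**
 * Guard for protected pages: redirect and stop when access is denied.
 */
function require_login(string $levels, callable $levelOf, string $loginUrl): void
{
    start_session_once();
    if (!access_decision($_SESSION, $levels, $levelOf)) {
        header('Location: ' . $loginUrl);
        // header() does not end the script. Without exit, the rest of the
        // protected page is still rendered and sent along with the redirect.
        exit;
    }
}

/**
 * Call after the password check succeeds.
 */
function mark_logged_in(int $userId): void
{
    start_session_once();
    // Issue a fresh session id on login so a pre-login id cannot be reused.
    session_regenerate_id(true);
    $_SESSION['user_id'] = $userId;
    $_SESSION['logged_in'] = true;
}

// Command-line demonstration with constructed data (no database, no browser).
if (PHP_SAPI === 'cli') {
    $sampleLevels = [7 => '1', 8 => '3']; // constructed: user id => Level_access
    $levelOf = function ($id) use ($sampleLevels) {
        return $sampleLevels[$id] ?? null;
    };

    $cases = [
        'session never started ($_SESSION empty)' => [],
        'logged in, level 1'                      => ['logged_in' => true, 'user_id' => 7],
        'logged in, level 3 (not in "1 2")'       => ['logged_in' => true, 'user_id' => 8],
        'logged_in set but user_id missing'       => ['logged_in' => true],
    ];

    foreach ($cases as $label => $session) {
        $allowed = access_decision($session, '1 2', $levelOf);
        printf("%-42s %s\n", $label, $allowed ? 'allow' : 'redirect to login');
    }
}
```

A protected page would call require_login() as its first statement, and the login handler would call mark_logged_in() after verifying the password and before sending the redirect.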
 

Author Comment

by:sandbudd
ID: 22961455
okay the only file that has the session_start is members and it returns back to the start page
0
 
LVL 17

Expert Comment

by:nplib
ID: 22961493
ok, so login.php and members.php have session_start() in them now.

close your browser and reopen, tell me the results try and login

0
 

Author Comment

by:sandbudd
ID: 22961550
login.php and members.php are the only session_start()

closed firefox and even cleared browser history, cookies etc...
and still goes back to login page
0
 
LVL 17

Expert Comment

by:nplib
ID: 22961572
but not blank right?

k, post the most current versions of login.php, members.php, connections.php, functions.php and settings.php
0
 
LVL 17

Expert Comment

by:nplib
ID: 22961578
This could take a little time for me to read it all.
0
 

Author Comment

by:sandbudd
ID: 22961624
login.php
<?php
session_start();
error_reporting(E_ALL);
 
        require_once ( 'settings.php' );
 
        if ( array_key_exists ( '_submit_check', $_POST ) )
        {
                if ( $_POST['username'] != '' && $_POST['password'] != '' )
                {
 
			$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
			if ( $db->RecordCount ( $query ) == 1 )
			{
				$row = $db->getRow ( $query );
				if ( $row->Active == 1 )
				{
					set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
					header ( "Location: " . REDIRECT_AFTER_LOGIN );
				}
				elseif ( $row->Active == 0 ) {
					$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
				}
				elseif ( $row->Active == 2 ) {
					$error = 'You are suspended!';
				}
			}
			else {		
				$error = 'Login failed!';		
			}
		}
		else {
			$error = 'Please use both your username and password to access your account';
		}
	}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title></title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
 
</head>
 
<body>
 
	<div id="log">
<?php if ( isset( $error ) ) { echo '			<p class="error">' . $error . '</p>' . "\n";}?>
	</div>
	<div id="container" style="width:230px;">
 
		<form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
 
			<input type="hidden" name="_submit_check" value="1"/> 
		
			<div style="margin-top:12px; margin-bottom:10px">
				<img src="images/username.gif" alt="username" border="0" />
				<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
			</div>
			<div style="margin-bottom:6px">
				<img src="images/password.gif" alt="password" border="0" />
				<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
			</div>
			<?php if ( ALLOW_REMEMBER_ME ):?>
			<div style="margin-bottom:6px">
				<input type="checkbox" name="remember" id="remember" />
				<label for="remember">Remember me</label>
			</div>
			<?php endif;?>
			<input type="image" name="Login" value="Login"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
			<br class="clear" />
			<a href="register.php">Register</a> / <a href="forgot_password.php">Password recovery?</a>
			
		</form>
		
		
	</div>
	
</body>
 
</html>


0
 

Author Comment

by:sandbudd
ID: 22961631
members.php
<?php
session_start();
error_reporting(E_ALL);
 
require_once('settings.php');
checkLogin('1 2');
 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title></title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
</head>
 
<body>
 
	<div id="container" style="text-align:center;width:230px;">
 
<?php
	echo 'Hello <em><b><u>' . get_username ( $_SESSION['user_id'] ) . '</u></b></em>!<br />You are now logged in.<br /><br /><a href="update_profile.php" title="update your profile">Click here</a> to update your profile.';
	
	/* we show the manage users link only if the logged in member has admin rights */
	if ( isadmin ( $_SESSION['user_id'] ) ):
?>
	<br /><br />
	It seems that you're an admin. You may <a href="manage_users.php" title="manage users">manage users</a> or <a href="admin_settings.php" title="edit site settings">edit site settings</a>.
<?php
	endif;
?>
	<br /><br />
	
	<a href="logout.php">logout</a>
		
	</div>
	
</body>
 
</html>


0
 

Author Comment

by:sandbudd
ID: 22961642
connection.php
<?
 
	define("EZSQL_VERSION","1.01");
	define("OBJECT","OBJECT",true);
	define("ARRAY_A","ARRAY_A",true);
	define("ARRAY_N","ARRAY_N",true);
 
	// ==================================================================
	//	The Main Class
	
	class db {
	
		// ==================================================================
		//	DB Constructor - connects to the server and selects a database
		
		function db($dbuser, $dbpassword, $dbname, $dbhost)
		{
	
			$this->dbh = @mysql_connect($dbhost,$dbuser,$dbpassword);
			
			if ( ! $this->dbh )
			{
				$this->print_error("<ol><b>Error establishing a database connection!</b><li>Are you sure you have the correct user/password?<li>Are you sure that you have typed the correct hostname?<li>Are you sure that the database server is running?</ol>");
			}
			
				
			$this->select($dbname);
		
		}
		
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
	
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
	
		// ==================================================================
		//	Basic Query	- see docs for more detail
		
		function query($query, $output = OBJECT) 
		{
			
			// Log how the function was called
			$this->func_call = "\$db->query(\"$query\", $output)";		
			
			// Kill this
			$this->last_result = null;
			$this->col_info = null;
	
			// Keep track of the last query for debug..
			$this->last_query = $query;
			
			// Perform the query via std mysql_query function..
			$this->result = mysql_query($query,$this->dbh);
	
			if ( mysql_error() ) 
			{				
				// If there is an error then take note of it..
				$this->print_error();
				return FALSE;	
			}
			else {
	
				// In other words if this was a select statement..
				if ( $this->result )
				{
	
					// =======================================================
					// Take note of column info
					
					$i=0;
					while ($i < @mysql_num_fields($this->result))
					{
						$this->col_info[$i] = @mysql_fetch_field($this->result);
						$i++;
					}
	
					// =======================================================				
					// Store Query Results
					
					$i=0;
					while ( $row = @mysql_fetch_object($this->result) )
					{ 
	
						// Store results as objects within main array
						$this->last_result[$i] = $row;
						
						$i++;
					}
					
					@mysql_free_result($this->result);
				}
				
				return TRUE;
	
			}
		}
		
		// ==================================================================
		//
		
		function RecordCount ( $query )
		{
			return mysql_num_rows ( mysql_query ( $query ) );
		}
		
		// ==================================================================
		//
		
		function Mresult ( $query, $a, $b )
		{
			return mysql_result ( mysql_query ( $query ), $a, $b );
		}
		
		/**
		 * Correctly quotes a string so that all strings are escape coded.
		 * 
		 * @param string			the string to quote
		 * @param [magic_quotes]	if $s is GET/POST var, set to get_magic_quotes_gpc().
		 */
 
		function qstr ( $string, $magic_quotes = false )
		{
			if (!$magic_quotes) {
				if (strnatcmp(PHP_VERSION, '4.3.0') >= 0) {
					return "'" . mysql_real_escape_string($string) . "'";
				}
				$string = str_replace("'", "\\'" , str_replace('\\', '\\\\', str_replace("\0", "\\\0", $string)));
				return  "'" . $string . "'"; 
			}
			return "'" . str_replace('\\"', '"', $string) . "'";
		}
	
		// ==================================================================
		//	Get one variable from the DB - see docs for more detail
		
		function get_var($query=null,$x=0,$y=0)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_var(\"$query\",$x,$y)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract var out of cached results based on x,y vals
			if ( $this->last_result[$y] )
			{
				$values = array_values(get_object_vars($this->last_result[$y]));
			}
			
			// If there is a value return it else return null
			return $values[$x]?$values[$x]:null;
		}
	
		// ==================================================================
		//	Get one row from the DB - see docs for more detail
		
		function getRow($query=null,$y=0,$output=OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->getRow(\"$query\",$y,$output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
	
			// If the output is an object then return object using the row offset..
			if ( $output == OBJECT )
			{
				return $this->last_result[$y]?$this->last_result[$y]:null;
			}
			// If the output is an associative array then return row as such..
			elseif ( $output == ARRAY_A )
			{
				return $this->last_result[$y]?get_object_vars($this->last_result[$y]):null;	
			}
			// If the output is a numerical array then return row as such..
			elseif ( $output == ARRAY_N )
			{
				return $this->last_result[$y]?array_values(get_object_vars($this->last_result[$y])):null;
			}
			// If invalid output type was specified..
			else
			{
				$this->print_error(" \$db->getRow(string query,int offset,output type) -- Output type must be one of: OBJECT, ARRAY_A, ARRAY_N ");	
			}
	
		}
	
		// ==================================================================
		//	Function to get 1 column from the cached result set based in X index
		// see docs for usage and info
	
		function get_col($query=null,$x=0)
		{
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract the column values
			for ( $i=0; $i < count($this->last_result); $i++ )
			{
				$new_array[$i] = $this->get_var(null,$x,$i);
			}
			
			return $new_array;
		}
	
		// ==================================================================
		// Return the query as a result set - see docs for more details
		
		function get_results($query=null, $output = OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_results(\"$query\", $output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}		
	
			// Send back array of objects. Each row is an object		
			if ( $output == OBJECT )
			{
				return $this->last_result; 
			}
			elseif ( $output == ARRAY_A || $output == ARRAY_N )
			{
				if ( $this->last_result )
				{
					$i=0;
					foreach( $this->last_result as $row )
					{
						
						$new_array[$i] = get_object_vars($row);
						
						if ( $output == ARRAY_N )
						{
							$new_array[$i] = array_values($new_array[$i]);
						}
	
						$i++;
					}
				
					return $new_array;
				}
				else
				{
					return null;	
				}
			}
		}
	
	
		// ==================================================================
		// Function to get column meta data info pertaining to the last query
		// see docs for more info and usage
		
		function get_col_info($info_type="name",$col_offset=-1)
		{
	
			if ( $this->col_info )
			{
				if ( $col_offset == -1 )
				{
					$i=0;
					foreach($this->col_info as $col )
					{
						$new_array[$i] = $col->{$info_type};
						$i++;
					}
					return $new_array;
				}
				else
				{
					return $this->col_info[$col_offset]->{$info_type};
				}
			
			}
			
		}
	
	
		// ==================================================================
		// Dumps the contents of any input variable to screen in a nicely
		// formatted and easy to understand way - any type: Object, Var or Array
	
		function vardump($mixed)
		{
 
			echo "<blockquote><font color=000090>";
			echo "<pre><font face=arial>";
			
			if ( ! $this->vardump_called )
			{
				echo "<font color=800080><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Variable Dump..</b></font>\n\n";
			}
	
			print_r($mixed);	
			echo "\n\n<b>Last Query:</b> ".($this->last_query?$this->last_query:"NULL")."\n";
			echo "<b>Last Function Call:</b> " . ($this->func_call?$this->func_call:"None")."\n";
			echo "<b>Last Rows Returned:</b> ".count($this->last_result)."\n";
			echo "</font></pre></font></blockquote>";
			echo "\n<hr size=1 noshade color=dddddd>";
			
			$this->vardump_called = true;
 
		}
	
		// Alias for the above function	
		function dumpvars($mixed)
		{
			$this->vardump($mixed);	
		}
	
		// ==================================================================
		// Displays the last query string that was sent to the database & a 
		// table listing results (if there were any). 
		// (abstracted into a separate file to save server overhead).
		
		function debug()
		{
			
			echo "<blockquote>";
	
			// Only show ezSQL credits once..
			if ( ! $this->debug_called )
			{
				echo "<font color=800080 face=arial size=2><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Debug..</b></font><p>\n";
			}
			echo "<font face=arial size=2 color=000099><b>Query --</b> ";
			echo "[<font color=000000><b>$this->last_query</b></font>]</font><p>";
	
				echo "<font face=arial size=2 color=000099><b>Query Result..</b></font>";
				echo "<blockquote>";
				
			if ( $this->col_info )
			{
				
				// =====================================================
				// Results top rows
				
				echo "<table cellpadding=5 cellspacing=1 bgcolor=555555>";
				echo "<tr bgcolor=eeeeee><td nowrap valign=bottom><font color=555599 face=arial size=2><b>(row)</b></font></td>";
	
	
				for ( $i=0; $i < count($this->col_info); $i++ )
				{
					echo "<td nowrap align=left valign=top><font size=1 color=555599 face=arial>{$this->col_info[$i]->type} {$this->col_info[$i]->max_length}<br><font size=2><b>{$this->col_info[$i]->name}</b></font></td>";
				}
	
				echo "</tr>";
	
				// ======================================================
				// print main results
	
			if ( $this->last_result )
			{
	
				$i=0;
				foreach ( $this->get_results(null,ARRAY_N) as $one_row )
				{
					$i++;
					echo "<tr bgcolor=ffffff><td bgcolor=eeeeee nowrap align=middle><font size=2 color=555599 face=arial>$i</font></td>";
	
					foreach ( $one_row as $item )
					{
						echo "<td nowrap><font face=arial size=2>$item</font></td>";	
					}
	
					echo "</tr>";				
				}
	
			} // if last result
			else
			{
				echo "<tr bgcolor=ffffff><td colspan=".(count($this->col_info)+1)."><font face=arial size=2>No Results</font></td></tr>";			
			}
	
			echo "</table>";		
	
			} // if col_info
			else
			{
				echo "<font face=arial size=2>No Results</font>";			
			}
			
			echo "</blockquote></blockquote><hr noshade color=dddddd size=1>";
			
			
			$this->debug_called = true;
		}
	
	
	}
 
?>


0
 

Author Comment

by:sandbudd
ID: 22961647
functions.php
<?php
 
 
 
	function checkLogin ( $levels )
	{
		
		global $db;
		$kt = split ( ' ', $levels );
		
		if ( ! $_SESSION['logged_in'] ) {
		
			$access = FALSE;
			
			if ( isset ( $_COOKIE['cookie_id'] ) ) {//if we have a cookie
			
				$query =  'SELECT * FROM ' . DBPREFIX . 'users WHERE ID = ' . $db->qstr ( $_COOKIE['cookie_id'] );
 
				if ( $db->RecordCount ( $query ) == 1 ) {//only one user can match that query
					$row = $db->getRow ( $query );
					
					//let's see if we pass the validation, no monkey business
					if ( $_COOKIE['authenticate'] == md5 ( getIP () . $row->Password . $_SERVER['USER_AGENT'] ) ) {
						//we set the sessions so we don't repeat this step over and over again
						$_SESSION['user_id'] = $row->ID;				
						$_SESSION['logged_in'] = TRUE;
						
						//now we check the level access, we might not have the permission
						if ( in_array ( get_level_access ( $_SESSION['user_id'] ), $kt ) ) {
							//we do?! hooray!
							$access = TRUE;
						}
					}
				}
			}
		}
		else {			
			$access = FALSE;
			
			if ( in_array ( get_level_access ( $_SESSION['user_id'] ), $kt ) ) {
				$access = TRUE;
			}
		}
		
		if ( $access == FALSE ) {
			header ( "Location: " . REDIRECT_TO_LOGIN );
		}		
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * get_level_access
	 *
	 * Returns the level access of a given user
	 *
	 * @param	string
	 * @access	public
	 * @return 	string
	 */
	
	function get_level_access ( $user_id )
	{
		global $db;
		$row = $db->getRow ( 'SELECT Level_access FROM ' . DBPREFIX . 'users WHERE ID = ' . $db->qstr ( $user_id ) );
		return $row->Level_access;
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * logout
	 *
	 * Handles logouts
	 *
	 * @param	none
	 * @access	public
	 */
	
	function logout ()
	{
		//session must be started before anything
		session_start ();
	
		//if we have a valid session
		if ( $_SESSION['logged_in'] == TRUE )
		{	
			//unset the sessions (all of them - array given)
			unset ( $_SESSION ); 
			//destroy what's left
			session_destroy (); 
		}
		
		//It is safest to set the cookies with a date that has already expired.
		if ( isset ( $_COOKIE['cookie_id'] ) && isset ( $_COOKIE['authenticate'] ) ) {
			/**
			 * uncomment the following line if you wish to remove all cookies 
			 * (don't forget to comment or delete the following 2 lines if you decide to use clear_cookies)
			 */
			//clear_cookies ();
			setcookie ( "cookie_id", '', time() - KEEP_LOGGED_IN_FOR, COOKIE_PATH );
			setcookie ( "authenticate", '', time() - KEEP_LOGGED_IN_FOR, COOKIE_PATH );
		}
		
		//redirect the user to the default "logout" page
		header ( "Location: " . REDIRECT_ON_LOGOUT );
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * clear_cookies
	 *
	 * Clears the cookies
	 * Not used by default but present if needed
	 *
	 * @param	none
	 * @access	public
	 */
	
	function clear_cookies ()
	{
		// unset cookies
		if ( isset( $_SERVER['HTTP_COOKIE'] ) ) {
			$cookies = explode ( ';', $_SERVER['HTTP_COOKIE'] );
			//loop through the array of cookies and set them in the past
			foreach ( $cookies as $cookie ) {
				$parts = explode ( '=', $cookie );
				$name = trim ( $parts [ 0 ] );
				setcookie ( $name, '', time() - KEEP_LOGGED_IN_FOR );
				setcookie ( $name, '', time() - KEEP_LOGGED_IN_FOR, '/' );
			}
		}
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * set_login_sessions - sets the login sessions
	 *
	 * @access	public
	 * @param	string
	 * @return	none
	 */
	
	function set_login_sessions ( $user_id, $password, $remember )
	{
		//start the session
		session_start();
		
		//set the sessions
		$_SESSION['user_id'] = $user_id;
		$_SESSION['logged_in'] = TRUE;
		
		//do we have "remember me"?
		if ( $remember ) {
			setcookie ( "cookie_id", $user_id, time() + KEEP_LOGGED_IN_FOR, COOKIE_PATH );
			setcookie ( "authenticate", md5 ( getIP () . $password . $_SERVER['USER_AGENT'] ), time() + KEEP_LOGGED_IN_FOR, COOKIE_PATH );
		}
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * Validate if email
	 *
	 * Determines if the passed param is a valid email
	 *
	 * @access	public
	 * @param	string
	 * @return	bool
	 */
	
	function valid_email ( $str )
	{
		return ( ! preg_match ( "/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str ) ) ? FALSE : TRUE;
	}
 
	// ------------------------------------------------------------------------
	
	/**
	 * Check unique
	 *
	 * Performs a check to determine if one parameter is unique in the database
	 *
	 * @access	public
	 * @param	string
	 * @param	string
	 * @return	bool
	 */
 
 
	function checkUnique ( $field, $compared )
	{
		global $db;
 
		$query = $db->getRow ( "SELECT COUNT(*) as total FROM `" . DBPREFIX . "users` WHERE " . $field . " = " . $db->qstr ( $compared ) );
 
		if ( $query->total == 0 ) {
			return TRUE;
		}
		else {
			return FALSE;
		}
	}
 
	// ------------------------------------------------------------------------
	
	/**
	 * Validate if numeric
	 *
	 * Validates string against numeric characters
	 *
	 * @access	public
	 * @param	string
	 * @return	bool
	 */
 
 
	function numeric ( $str )
	{
		return ( ! ereg ( "^[0-9\.]+$", $str ) ) ? FALSE : TRUE;
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * Validate if alpha numeric
	 *
	 * Validates string against alpha numeric characters
	 *
	 * @access	public
	 * @param	string
	 * @return	bool
	 */
 
	function alpha_numeric ( $str )
	{
		return ( ! preg_match ( "/^([-a-z0-9])+$/i", $str ) ) ? FALSE : TRUE;
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * Create a Random String
	 *
	 * Useful for generating passwords or hashes.
	 *
	 * @access	public
	 * @param	string 	type of random string.  Options: alnum, numeric, nozero, unique
	 * @param	none
	 * @return	string
	 */
	 
	 
	function random_string ( $type = 'alnum', $len = 8 )
	{					
		switch ( $type )
		{
			case 'alnum'	:
			case 'numeric'	:
			case 'nozero'	:
			
					switch ($type)
					{
						case 'alnum'	:	$pool = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
							break;
						case 'numeric'	:	$pool = '0123456789';
							break;
						case 'nozero'	:	$pool = '123456789';
							break;
					}
	
					$str = '';
					for ( $i=0; $i < $len; $i++ )
					{
						$str .= substr ( $pool, mt_rand ( 0, strlen ( $pool ) -1 ), 1 );
					}
					return $str;
			break;
			case 'unique' : return md5 ( uniqid ( mt_rand () ) );
			break;
		}
	}
 
	// ------------------------------------------------------------------------
	
	/**
	 * Get username - Returns the username of the logged in member based on session ID
	 *
	 * @access	public
	 * @param	string
	 * @return	string/bool
	 */
	 
	 
	function get_username ( $id )
	{
		global $db;
		
		$query = "SELECT `Username` FROM `" . DBPREFIX . "users` WHERE `ID` = " . $db->qstr ( $id );
		
		if ( $db->RecordCount ( $query ) == 1 )
		{
			$row = $db->getRow ( $query );
			
			return $row->Username;
		}
		else {
			return FALSE;
		}
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * Is admin - Determines if the logged in member is an admin
	 *
	 * @access	public
	 * @param	string
	 * @return	bool
	 */
	 
	
	function isadmin ( $id )
	{
		global $db;
		
		$query = "SELECT `Level_access` FROM `" . DBPREFIX . "users` WHERE `ID` = " . $db->qstr ( $id );
		
		if ( $db->RecordCount ( $query ) == 1 )
		{
			$row = $db->getRow ( $query );
			
			if ( $row->Level_access == 1 )
			{
				return TRUE;
			}
			else {
				return FALSE;
			}
		}
		else {
			return FALSE;
		}
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * html2txt - converts html to text
	 *
	 * @access	public
	 * @param	string
	 * @return	string
	 */
	 
	function html2txt ( $document )
	{
		$search = array("'<script[^>]*?>.*?</script>'si",	// strip out javascript
				"'<[\/\!]*?[^<>]*?>'si",		// strip out html tags
				"'([\r\n])[\s]+'",			// strip out white space
				"'@<![\s\S]*?[ \t\n\r]*>@'",
				"'&(quot|#34|#034|#x22);'i",		// replace html entities
				"'&(amp|#38|#038|#x26);'i",		// added hexadecimal values
				"'&(lt|#60|#060|#x3c);'i",
				"'&(gt|#62|#062|#x3e);'i",
				"'&(nbsp|#160|#xa0);'i",
				"'&(iexcl|#161);'i",
				"'&(cent|#162);'i",
				"'&(pound|#163);'i",
				"'&(copy|#169);'i",
				"'&(reg|#174);'i",
				"'&(deg|#176);'i",
				"'&(#39|#039|#x27);'",
				"'&(euro|#8364);'i",			// europe
				"'&a(uml|UML);'",			// german
				"'&o(uml|UML);'",
				"'&u(uml|UML);'",
				"'&A(uml|UML);'",
				"'&O(uml|UML);'",
				"'&U(uml|UML);'",
				"'&szlig;'i",
				);
		$replace = array(	"",
					"",
					" ",
					"\"",
					"&",
					"<",
					">",
					" ",
					chr(161),
					chr(162),
					chr(163),
					chr(169),
					chr(174),
					chr(176),
					chr(39),
					chr(128),
					"ä",
					"ö",
					"ü",
					"Ä",
					"Ö",
					"Ü",
					"ß",
				);
 
		$text = preg_replace($search,$replace,$document);
 
		return trim ( $text );
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * send_email - Handles all emailing from one place
	 *
	 * @access	public
	 * @param	string
	 * @return	bool TRUE/FALSE
	 */
	 
	function send_email ( $subject, $to, $body )
	{
		require ( BASE_PATH . "/lib/phpmailer/class.phpmailer.php" );
		
		$mail = new PHPMailer();
		
		//do we use SMTP?
		if ( USE_SMTP ) {
			$mail->IsSMTP();
			$mail->SMTPAuth = true;
			$mail->Host = SMTP_HOST;
			$mail->Port = SMTP_PORT;
			$mail->Password = SMTP_PASS;
			$mail->Username = SMTP_USER;
		}
 
		$mail->From = ADMIN_EMAIL;
		$mail->FromName = DOMAIN_NAME;
		$mail->AddAddress( $to );
		$mail->AddReplyTo ( ADMIN_EMAIL, DOMAIN_NAME );
		$mail->Subject = $subject;
		$mail->Body = $body;
		$mail->WordWrap = 100;
		$mail->IsHTML ( MAIL_IS_HTML );
		$mail->AltBody  =  html2txt ( $body );
 
		if ( ! $mail->Send() ) {
			if ( RUN_ON_DEVELOPMENT ) {
				echo $mail->ErrorInfo;//spit that bug out :P
			}
			return FALSE;
		}
		else {
			return TRUE;
		}
	}
	
	/**
	 * ip_first - let's get a clean ip
	 *
	 * @access	public
	 * @param	string
	 * @return	string
	 */
 
	function ip_first ( $ips ) 
	{
		if ( ( $pos = strpos ( $ips, ',' ) ) != false ) {
			return substr ( $ips, 0, $pos );
		} 
		else {
			return $ips;
		}
	}
	
	/**
	 * ip_valid - will try to determine if a given ip is valid or not
	 *
	 * @access	public
	 * @param	string
	 * @return	bool
	 */
 
	function ip_valid ( $ips )
	{
		if ( isset( $ips ) ) {
			$ip    = ip_first ( $ips );
			$ipnum = ip2long ( $ip );
			if ( $ipnum !== -1 && $ipnum !== false && ( long2ip ( $ipnum ) === $ip ) ) {
				if ( ( $ipnum < 167772160   || $ipnum > 184549375 ) && // Not in 10.0.0.0/8
				( $ipnum < - 1408237568 || $ipnum > - 1407188993 ) && // Not in 172.16.0.0/12
				( $ipnum < - 1062731776 || $ipnum > - 1062666241 ) )   // Not in 192.168.0.0/16
				return true;
			}
		}
		return false;
	}
	
	/**
	 * getIP - returns the IP of the visitor
	 *
	 * @access	public
	 * @param	none
	 * @return	string
	 */
 
	function getIP () 
	{
		$check = array(
				'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_FORWARDED_FOR',
				'HTTP_FORWARDED', 'HTTP_VIA', 'HTTP_X_COMING_FROM', 'HTTP_COMING_FROM',
				'HTTP_CLIENT_IP'
				);
 
		foreach ( $check as $c ) {
			if ( ip_valid ( &$_SERVER [ $c ] ) ) {
				return ip_first ( $_SERVER [ $c ] );
			}
		}
 
		return $_SERVER['REMOTE_ADDR'];
	}
	
	/**
	 * powered_by - let's thank the man for losing nights so I can play with such tools
	 *
	 * @access	public
	 * @param	none
	 * @return	string
	 */
	
	function powered_by ()
	{
		$out = '';
 
		$out .= '<div align="right" class="powered">' . "\n";
		$out .= '			Powered by ' . "\n";
		$out .= '			<a href="http://www.roscripts.com" title="roscripts - Programming articles, tutorials and scripts" target="_blank">' . "\n";
		$out .= '				roScripts' . "\n";
		$out .= '			</a>' . "\n";
		$out .= '		</div>' . "\n";
		
		return $out;
	}
	
	/**
	 * sanitize - a real sanitizer
	 *
	 * @access	public
	 * @param	none
	 * @return	string
	 */
	 
	function sanitize ( $var, $santype = 3 )
	{
		if ( $santype == 1 ) {
			return strip_tags ( $var );
		}
		if ( $santype == 2 ) {
			return htmlentities ( strip_tags ( $var ), ENT_QUOTES, 'UTF-8' );
		}
		if ( $santype == 3 ) {
			if ( ! get_magic_quotes_gpc () ) {
				return addslashes ( htmlentities ( strip_tags ( $var ), ENT_QUOTES, 'UTF-8' ) );
			}
			else {
			   return htmlentities ( strip_tags ( $var ), ENT_QUOTES, 'UTF-8' );
			}
		}
	}
?>


0
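An added example, not part of the original post or of the script it quotes: `set_login_sessions()` in the listing above builds the `authenticate` cookie from `md5` of the visitor IP, the stored password hash and the user agent, and `getIP()` takes the IP from request headers first. The sketch below issues and checks a remember-me token that depends on neither. The function names, the cookie name `remember`, and the in-memory `$store` array standing in for a database table are assumptions.

```php
<?php
// Added example with hypothetical names; not the login script's own code.
// $store stands in for a table: remember_tokens(selector, token_hash, user_id, expires).

const REMEMBER_TTL = 60 * 60 * 24 * 100; // same lifetime as KEEP_LOGGED_IN_FOR on the page

/**
 * Issue a cookie value of the form "selector:validator".
 * Only a SHA-256 hash of the validator is kept server-side, so a leaked
 * token table cannot be replayed as cookies.
 */
function issue_remember_token(array &$store, int $user_id, int $now): string
{
    $selector  = bin2hex(random_bytes(9));  // 18 hex chars, lookup key only
    $validator = bin2hex(random_bytes(32)); // 64 hex chars, secret from the CSPRNG

    $store[$selector] = [
        'token_hash' => hash('sha256', $validator),
        'user_id'    => $user_id,
        'expires'    => $now + REMEMBER_TTL,
    ];

    return $selector . ':' . $validator;
}

/**
 * Check a cookie value. On success returns [user_id, replacement cookie value];
 * on any failure returns null. A selector is single use: it is deleted as soon
 * as it is presented, whether or not the validator matches.
 */
function redeem_remember_token(array &$store, string $cookie, int $now): ?array
{
    // Reject anything that is not exactly the expected shape before touching the store.
    if (!preg_match('/\A([0-9a-f]{18}):([0-9a-f]{64})\z/', $cookie, $m)) {
        return null;
    }
    [, $selector, $validator] = $m;

    if (!isset($store[$selector])) {
        return null;
    }
    $row = $store[$selector];
    unset($store[$selector]);

    if ($row['expires'] < $now) {
        return null;
    }
    // Constant-time comparison of the stored hash with the hash of the presented validator.
    if (!hash_equals($row['token_hash'], hash('sha256', $validator))) {
        return null;
    }

    // Rotate: the caller sends the new value back to the browser.
    return [$row['user_id'], issue_remember_token($store, $row['user_id'], $now)];
}

/**
 * Send the cookie with the flags the original setcookie() calls leave unset.
 * The options-array form of setcookie() needs PHP 7.3 or later.
 */
function send_remember_cookie(string $value, int $now): void
{
    setcookie('remember', $value, [
        'expires'  => $now + REMEMBER_TTL,
        'path'     => '/',
        'secure'   => true,
        'httponly' => true,
        'samesite' => 'Lax',
    ]);
}

// Constructed demo data: one user, one token, then a replay and a malformed value.
$store  = [];
$now    = time();
$cookie = issue_remember_token($store, 42, $now);

$first  = redeem_remember_token($store, $cookie, $now + 60);
$replay = redeem_remember_token($store, $cookie, $now + 120);
$junk   = redeem_remember_token($store, 'not-a-token', $now);

var_dump($first !== null && $first[0] === 42);
var_dump($replay);
var_dump($junk);
```

After a successful redeem, the caller would start the session, call `session_regenerate_id(true)`, and pass the replacement value to `send_remember_cookie()`.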
 

Author Comment

by:sandbudd
ID: 22961665
settings.php
<?php
require ( 'lib/connection.php' );			
define ( "HOSTNAME", "" );			// - hostname - needed to access the database
define ( "DATABASE", "" );				// - database name - the name of your mysql database
define ( "DBUSER", "" );				// - database user - what user should we use to access the database
define ( "DBPASS", "" );			// - database password - what password should we use to access the database
define ( "DBPREFIX", "" );				// - db prefix - would you like to use a prefix for your table?
define ( "APPLICATION_URL", "http://www.sandbudd.com/login/" );// - app. url - the url that points to our application ( ! with trailing slash )
define ( "APPLICATION_FOLDER", "login" );		// - do we have a folder where we store our scripts? ( ! no slashes )
define ( "REDIRECT_TO_LOGIN", "login.php" );		// - where should we redirect visitors if the access is restricted?
define ( "REDIRECT_AFTER_LOGIN", "members.php" );	// - where should we redirect members after logging in?
define ( "REDIRECT_ON_LOGOUT", "login.php" );		// - where should we redirect on logout?
define ( "ADMIN_EMAIL", "info@sandbudd.com" );	// - what email should we use to contact our members?
define ( "KEEP_LOGGED_IN_FOR", 60*60*24*100 );		// - if they chose to be remembered, how long should the cookies remain active ( default is 100 days )
define ( "COOKIE_PATH", "/" );				// - where should the cookies be active ( '/' means the whole domain. )
define ( "DOMAIN_NAME", "www.sandbuddc.com" );		// - the domain name that we use
define ( "RUN_ON_DEVELOPMENT", TRUE );			// - TRUE if you wish to see the nasty errors for debugging, FALSE to hide them
define ( "REDIRECT_AFTER_CONFIRMATION", TRUE );		// - TRUE if you want to redirect your users to the members page after they confirm their membership
define ( "ALLOW_USERNAME_CHANGE", FALSE );		// - do we let our members update their usernames as well? ( FALSE stands for no )
define ( "ALLOW_REMEMBER_ME", TRUE );			// - do we let our members use the "remember me" feature
 
 
/*
|---------------------------------------------------------------
| EMAILING VARIABLES
|---------------------------------------------------------------
|
| Emailing variables needed by phpmailer
|
*/
define ( "USE_SMTP", FALSE );				// - do you want to use SMTP to send out emails? TRUE or FALSE ( mail() will be used )
define ( "SMTP_PORT", "" );				// - what port should we use for smtp ( only needed if SMTP is set to TRUE )
define ( "SMTP_HOST", "" );		// - what host should we use for smtp ( only needed if SMTP is set to TRUE )
define ( "SMTP_USER", "" );		// - what user should we use for smtp ( only needed if SMTP is set to TRUE )
define ( "SMTP_PASS", "" );		// - what password should we use for smtp (only needed if SMTP is set to TRUE)
define ( "MAIL_IS_HTML", FALSE );			// - send emails as html or text? ( TRUE for html and FALSE for text )
 
 
############################################################# DON'T EDIT BELOW THIS LINE ########################################
 
 
/*
|---------------------------------------------------------------
| SET THE SERVER PATH
|---------------------------------------------------------------
|
| Let's attempt to determine the full-server path to the "system"
| folder in order to reduce the possibility of path problems.
|
*/
if ( function_exists ( 'realpath' ) AND @realpath ( dirname (__FILE__) ) !== FALSE )
{
	define ( "BASE_PATH", str_replace ( "\\", "/", realpath ( dirname(__FILE__) ) ) . '/' );
}
 
 
//how do we handle errors
error_reporting ( ( RUN_ON_DEVELOPMENT ) ? E_ALL : E_WARNING );
if ( file_exists ( BASE_PATH . 'install.php' ) )
{
	die ( "Please delete install.php from your server before continuing!" );
}
 
 
$db = new db ( DBUSER, DBPASS, DATABASE, HOSTNAME );	// - and away we go
?>


0
 

Author Comment

by:sandbudd
ID: 22961673
will wait for your suggestion
0
 

Author Comment

by:sandbudd
ID: 22962559
still around?
0
 
LVL 17

Expert Comment

by:nplib
ID: 22962931
yes, give me some time.
0
 

Author Comment

by:sandbudd
ID: 22962945
kk
0
 
LVL 17

Expert Comment

by:nplib
ID: 22963036
first of all, I've seen this code before, it's from WordPress.

Second, what happened to
require ( 'functions.php' );
from the settings.php, why was it removed?

from connections.php
$this->dbh is trying to set a variable that was never initialized.

Order of functions matters, you're calling functions before they are declared.

$this->select($dbname);

is called before the function is even declared.

you need to reorder your db class functions. Order them so they call functions after they are declared.

you should also have

      class db {
      
            // ==================================================================
            //      DB Constructor - connects to the server and selects a database
            
                public $dbh; //declaring the dbh variable
            function db($dbuser, $dbpassword, $dbname, $dbhost)
            {
0
 

Author Comment

by:sandbudd
ID: 22963271
don't know why it was removed and I readded it... I am a novice at this and do not understand what I need to do?  If you could give me an example that I can look at would appreciate it.
0
 

Author Comment

by:sandbudd
ID: 22963493
I did it just like your example and am back to a blank page?
0
 
LVL 17

Expert Comment

by:nplib
ID: 22963698
show me your new connection.php page
0
 

Author Comment

by:sandbudd
ID: 22963762
connections.php
<?
 
	
	define("EZSQL_VERSION","1.01");
	define("OBJECT","OBJECT",true);
	define("ARRAY_A","ARRAY_A",true);
	define("ARRAY_N","ARRAY_N",true);
 
	// ==================================================================
	//	The Main Class
	
	class db {
	
		// ==================================================================
		//	DB Constructor - connects to the server and selects a database
		public $dbh; //declaring the dbh variable
		function db($dbuser, $dbpassword, $dbname, $dbhost)
		{
	
			$this->dbh = @mysql_connect($dbhost,$dbuser,$dbpassword);
			
			if ( ! $this->dbh )
			{
				$this->print_error("<ol><b>Error establishing a database connection!</b><li>Are you sure you have the correct user/password?<li>Are you sure that you have typed the correct hostname?<li>Are you sure that the database server is running?</ol>");
			}
			
				
			$this->select($dbname);
		
		}
		
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
	
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
	
		// ==================================================================
		//	Basic Query	- see docs for more detail
		
		function query($query, $output = OBJECT) 
		{
			
			// Log how the function was called
			$this->func_call = "\$db->query(\"$query\", $output)";		
			
			// Kill this
			$this->last_result = null;
			$this->col_info = null;
	
			// Keep track of the last query for debug..
			$this->last_query = $query;
			
			// Perform the query via std mysql_query function..
			$this->result = mysql_query($query,$this->dbh);
	
			if ( mysql_error() ) 
			{				
				// If there is an error then take note of it..
				$this->print_error();
				return FALSE;	
			}
			else {
	
				// In other words if this was a select statement..
				if ( $this->result )
				{
	
					// =======================================================
					// Take note of column info
					
					$i=0;
					while ($i < @mysql_num_fields($this->result))
					{
						$this->col_info[$i] = @mysql_fetch_field($this->result);
						$i++;
					}
	
					// =======================================================				
					// Store Query Results
					
					$i=0;
					while ( $row = @mysql_fetch_object($this->result) )
					{ 
	
						// Store results as objects within main array
						$this->last_result[$i] = $row;
						
						$i++;
					}
					
					@mysql_free_result($this->result);
				}
				
				return TRUE;
	
			}
		}
		
		// ==================================================================
		//
		
		function RecordCount ( $query )
		{
			return mysql_num_rows ( mysql_query ( $query ) );
		}
		
		// ==================================================================
		//
		
		function Mresult ( $query, $a, $b )
		{
			return mysql_result ( mysql_query ( $query ), $a, $b );
		}
		
		/**
		 * Correctly quotes a string so that all strings are escape coded.
		 * 
		 * @param string			the string to quote
		 * @param [magic_quotes]	if $s is GET/POST var, set to get_magic_quotes_gpc().
		 */
 
		function qstr ( $string, $magic_quotes = false )
		{
			if (!$magic_quotes) {
				if (strnatcmp(PHP_VERSION, '4.3.0') >= 0) {
					return "'" . mysql_real_escape_string($string) . "'";
				}
				$string = str_replace("'", "\\'" , str_replace('\\', '\\\\', str_replace("\0", "\\\0", $string)));
				return  "'" . $string . "'"; 
			}
			return "'" . str_replace('\\"', '"', $string) . "'";
		}
	
		// ==================================================================
		//	Get one variable from the DB - see docs for more detail
		
		function get_var($query=null,$x=0,$y=0)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_var(\"$query\",$x,$y)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract var out of cached results based x,y vals
			if ( $this->last_result[$y] )
			{
				$values = array_values(get_object_vars($this->last_result[$y]));
			}
			
			// If there is a value return it else return null
			return $values[$x]?$values[$x]:null;
		}
	
		// ==================================================================
		//	Get one row from the DB - see docs for more detail
		
		function getRow($query=null,$y=0,$output=OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->getRow(\"$query\",$y,$output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
	
			// If the output is an object then return object using the row offset..
			if ( $output == OBJECT )
			{
				return $this->last_result[$y]?$this->last_result[$y]:null;
			}
			// If the output is an associative array then return row as such..
			elseif ( $output == ARRAY_A )
			{
				return $this->last_result[$y]?get_object_vars($this->last_result[$y]):null;	
			}
			// If the output is an numerical array then return row as such..
			elseif ( $output == ARRAY_N )
			{
				return $this->last_result[$y]?array_values(get_object_vars($this->last_result[$y])):null;
			}
			// If invalid output type was specified..
			else
			{
				$this->print_error(" \$db->getRow(string query,int offset,output type) -- Output type must be one of: OBJECT, ARRAY_A, ARRAY_N ");	
			}
	
		}
	
		// ==================================================================
		//	Function to get 1 column from the cached result set based in X index
		// see docs for usage and info
	
		function get_col($query=null,$x=0)
		{
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract the column values
			for ( $i=0; $i < count($this->last_result); $i++ )
			{
				$new_array[$i] = $this->get_var(null,$x,$i);
			}
			
			return $new_array;
		}
	
		// ==================================================================
		// Return the the query as a result set - see docs for more details
		
		function get_results($query=null, $output = OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_results(\"$query\", $output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}		
	
			// Send back array of objects. Each row is an object		
			if ( $output == OBJECT )
			{
				return $this->last_result; 
			}
			elseif ( $output == ARRAY_A || $output == ARRAY_N )
			{
				if ( $this->last_result )
				{
					$i=0;
					foreach( $this->last_result as $row )
					{
						
						$new_array[$i] = get_object_vars($row);
						
						if ( $output == ARRAY_N )
						{
							$new_array[$i] = array_values($new_array[$i]);
						}
	
						$i++;
					}
				
					return $new_array;
				}
				else
				{
					return null;	
				}
			}
		}
	
	
		// ==================================================================
		// Function to get column meta data info pertaining to the last query
		// see docs for more info and usage
		
		function get_col_info($info_type="name",$col_offset=-1)
		{
	
			if ( $this->col_info )
			{
				if ( $col_offset == -1 )
				{
					$i=0;
					foreach($this->col_info as $col )
					{
						$new_array[$i] = $col->{$info_type};
						$i++;
					}
					return $new_array;
				}
				else
				{
					return $this->col_info[$col_offset]->{$info_type};
				}
			
			}
			
		}
	
	
		// ==================================================================
		// Dumps the contents of any input variable to screen in a nicely
		// formatted and easy to understand way - any type: Object, Var or Array
	
		function vardump($mixed)
		{
 
			echo "<blockquote><font color=000090>";
			echo "<pre><font face=arial>";
			
			if ( ! $this->vardump_called )
			{
				echo "<font color=800080><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Variable Dump..</b></font>\n\n";
			}
	
			print_r($mixed);	
			echo "\n\n<b>Last Query:</b> ".($this->last_query?$this->last_query:"NULL")."\n";
			echo "<b>Last Function Call:</b> " . ($this->func_call?$this->func_call:"None")."\n";
			echo "<b>Last Rows Returned:</b> ".count($this->last_result)."\n";
			echo "</font></pre></font></blockquote>";
			echo "\n<hr size=1 noshade color=dddddd>";
			
			$this->vardump_called = true;
 
		}
	
		// Alias for the above function	
		function dumpvars($mixed)
		{
			$this->vardump($mixed);	
		}
	
		// ==================================================================
		// Displays the last query string that was sent to the database & a 
		// table listing results (if there were any). 
		// (abstracted into a separate file to save server overhead).
		
		function debug()
		{
			
			echo "<blockquote>";
	
			// Only show ezSQL credits once..
			if ( ! $this->debug_called )
			{
				echo "<font color=800080 face=arial size=2><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Debug..</b></font><p>\n";
			}
			echo "<font face=arial size=2 color=000099><b>Query --</b> ";
			echo "[<font color=000000><b>$this->last_query</b></font>]</font><p>";
	
				echo "<font face=arial size=2 color=000099><b>Query Result..</b></font>";
				echo "<blockquote>";
				
			if ( $this->col_info )
			{
				
				// =====================================================
				// Results top rows
				
				echo "<table cellpadding=5 cellspacing=1 bgcolor=555555>";
				echo "<tr bgcolor=eeeeee><td nowrap valign=bottom><font color=555599 face=arial size=2><b>(row)</b></font></td>";
	
	
				for ( $i=0; $i < count($this->col_info); $i++ )
				{
					echo "<td nowrap align=left valign=top><font size=1 color=555599 face=arial>{$this->col_info[$i]->type} {$this->col_info[$i]->max_length}<br><font size=2><b>{$this->col_info[$i]->name}</b></font></td>";
				}
	
				echo "</tr>";
	
				// ======================================================
				// print main results
	
			if ( $this->last_result )
			{
	
				$i=0;
				foreach ( $this->get_results(null,ARRAY_N) as $one_row )
				{
					$i++;
					echo "<tr bgcolor=ffffff><td bgcolor=eeeeee nowrap align=middle><font size=2 color=555599 face=arial>$i</font></td>";
	
					foreach ( $one_row as $item )
					{
						echo "<td nowrap><font face=arial size=2>$item</font></td>";	
					}
	
					echo "</tr>";				
				}
	
			} // if last result
			else
			{
				echo "<tr bgcolor=ffffff><td colspan=".(count($this->col_info)+1)."><font face=arial size=2>No Results</font></td></tr>";			
			}
	
			echo "</table>";		
	
			} // if col_info
			else
			{
				echo "<font face=arial size=2>No Results</font>";			
			}
			
			echo "</blockquote></blockquote><hr noshade color=dddddd size=1>";
			
			
			$this->debug_called = true;
		}
	
	
	}
 
?>


0
 
LVL 17

Expert Comment

by:nplib
ID: 22963830
ok, you didn't reorder your class functions.

Your first function is db(),

but in the function you call print_error() and select(), but you call them before they are even written.
you need to reorder your whole class, so that it doesn't call a function before the function even exists.

for example,


<?
 
	
	define("EZSQL_VERSION","1.01");
	define("OBJECT","OBJECT",true);
	define("ARRAY_A","ARRAY_A",true);
	define("ARRAY_N","ARRAY_N",true);
 
	// ==================================================================
	//	The Main Class
	
	class db {
 
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
		
		// ==================================================================
		//	DB Constructor - connects to the server and selects a database
		public $dbh; //declaring the dbh variable
		function db($dbuser, $dbpassword, $dbname, $dbhost)
		{
	
			$this->dbh = @mysql_connect($dbhost,$dbuser,$dbpassword);
			
			if ( ! $this->dbh )
			{
				$this->print_error("<ol><b>Error establishing a database connection!</b><li>Are you sure you have the correct user/password?<li>Are you sure that you have typed the correct hostname?<li>Are you sure that the database server is running?</ol>");
			}
			
				
			$this->select($dbname);
		
		}
.......................................etc		


0
 

Author Comment

by:sandbudd
ID: 22967299
I'm still getting a blank page?
<?
 
	
	define("EZSQL_VERSION","1.01");
	define("OBJECT","OBJECT",true);
	define("ARRAY_A","ARRAY_A",true);
	define("ARRAY_N","ARRAY_N",true);
 
	// ==================================================================
	//	The Main Class
	
	class db {
 
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
		
		// ==================================================================
		//	DB Constructor - connects to the server and selects a database
		public $dbh; //declaring the dbh variable
		function db($dbuser, $dbpassword, $dbname, $dbhost)
		{
	
			$this->dbh = @mysql_connect($dbhost,$dbuser,$dbpassword);
			
			if ( ! $this->dbh )
			{
				$this->print_error("<ol><b>Error establishing a database connection!</b><li>Are you sure you have the correct user/password?<li>Are you sure that you have typed the correct hostname?<li>Are you sure that the database server is running?</ol>");
			}
			
				
			$this->select($dbname);
		
		}
 
		
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
	
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
	
		// ==================================================================
		//	Basic Query	- see docs for more detail
		
		function query($query, $output = OBJECT) 
		{
			
			// Log how the function was called
			$this->func_call = "\$db->query(\"$query\", $output)";		
			
			// Kill this
			$this->last_result = null;
			$this->col_info = null;
	
			// Keep track of the last query for debug..
			$this->last_query = $query;
			
			// Perform the query via std mysql_query function..
			$this->result = mysql_query($query,$this->dbh);
	
			if ( mysql_error() ) 
			{				
				// If there is an error then take note of it..
				$this->print_error();
				return FALSE;	
			}
			else {
	
				// In other words if this was a select statement..
				if ( $this->result )
				{
	
					// =======================================================
					// Take note of column info
					
					$i=0;
					while ($i < @mysql_num_fields($this->result))
					{
						$this->col_info[$i] = @mysql_fetch_field($this->result);
						$i++;
					}
	
					// =======================================================				
					// Store Query Results
					
					$i=0;
					while ( $row = @mysql_fetch_object($this->result) )
					{ 
	
						// Store results as objects within main array
						$this->last_result[$i] = $row;
						
						$i++;
					}
					
					@mysql_free_result($this->result);
				}
				
				return TRUE;
	
			}
		}
		
		// ==================================================================
		//
		
		function RecordCount ( $query )
		{
			return mysql_num_rows ( mysql_query ( $query ) );
		}
		
		// ==================================================================
		//
		
		function Mresult ( $query, $a, $b )
		{
			return mysql_result ( mysql_query ( $query ), $a, $b );
		}
		
		/**
		 * Correctly quotes a string so that all strings are escape coded.
		 * 
		 * @param string			the string to quote
		 * @param [magic_quotes]	if $s is GET/POST var, set to get_magic_quotes_gpc().
		 */
 
		function qstr ( $string, $magic_quotes = false )
		{
			if (!$magic_quotes) {
				if (strnatcmp(PHP_VERSION, '4.3.0') >= 0) {
					return "'" . mysql_real_escape_string($string) . "'";
				}
				$string = str_replace("'", "\\'" , str_replace('\\', '\\\\', str_replace("\0", "\\\0", $string)));
				return  "'" . $string . "'"; 
			}
			return "'" . str_replace('\\"', '"', $string) . "'";
		}
	
		// ==================================================================
		//	Get one variable from the DB - see docs for more detail
		
		function get_var($query=null,$x=0,$y=0)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_var(\"$query\",$x,$y)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract var out of cached results based x,y vals
			if ( $this->last_result[$y] )
			{
				$values = array_values(get_object_vars($this->last_result[$y]));
			}
			
			// If there is a value return it else return null
			return $values[$x]?$values[$x]:null;
		}
	
		// ==================================================================
		//	Get one row from the DB - see docs for more detail
		
		function getRow($query=null,$y=0,$output=OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->getRow(\"$query\",$y,$output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
	
			// If the output is an object then return object using the row offset..
			if ( $output == OBJECT )
			{
				return $this->last_result[$y]?$this->last_result[$y]:null;
			}
			// If the output is an associative array then return row as such..
			elseif ( $output == ARRAY_A )
			{
				return $this->last_result[$y]?get_object_vars($this->last_result[$y]):null;	
			}
			// If the output is an numerical array then return row as such..
			elseif ( $output == ARRAY_N )
			{
				return $this->last_result[$y]?array_values(get_object_vars($this->last_result[$y])):null;
			}
			// If invalid output type was specified..
			else
			{
				$this->print_error(" \$db->getRow(string query,int offset,output type) -- Output type must be one of: OBJECT, ARRAY_A, ARRAY_N ");	
			}
	
		}
	
		// ==================================================================
		//	Function to get 1 column from the cached result set based in X index
		// see docs for usage and info
	
		function get_col($query=null,$x=0)
		{
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract the column values
			for ( $i=0; $i < count($this->last_result); $i++ )
			{
				$new_array[$i] = $this->get_var(null,$x,$i);
			}
			
			return $new_array;
		}
	
		// ==================================================================
		// Return the query as a result set - see docs for more details
		
		function get_results($query=null, $output = OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_results(\"$query\", $output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}		
	
			// Send back array of objects. Each row is an object		
			if ( $output == OBJECT )
			{
				return $this->last_result; 
			}
			elseif ( $output == ARRAY_A || $output == ARRAY_N )
			{
				if ( $this->last_result )
				{
					$i=0;
					foreach( $this->last_result as $row )
					{
						
						$new_array[$i] = get_object_vars($row);
						
						if ( $output == ARRAY_N )
						{
							$new_array[$i] = array_values($new_array[$i]);
						}
	
						$i++;
					}
				
					return $new_array;
				}
				else
				{
					return null;	
				}
			}
		}
	
	
		// ==================================================================
		// Function to get column meta data info pertaining to the last query
		// see docs for more info and usage
		
		function get_col_info($info_type="name",$col_offset=-1)
		{
	
			if ( $this->col_info )
			{
				if ( $col_offset == -1 )
				{
					$i=0;
					foreach($this->col_info as $col )
					{
						$new_array[$i] = $col->{$info_type};
						$i++;
					}
					return $new_array;
				}
				else
				{
					return $this->col_info[$col_offset]->{$info_type};
				}
			
			}
			
		}
	
	
		// ==================================================================
		// Dumps the contents of any input variable to screen in a nicely
		// formatted and easy to understand way - any type: Object, Var or Array
	
		function vardump($mixed)
		{
 
			echo "<blockquote><font color=000090>";
			echo "<pre><font face=arial>";
			
			if ( ! $this->vardump_called )
			{
				echo "<font color=800080><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Variable Dump..</b></font>\n\n";
			}
	
			print_r($mixed);	
			echo "\n\n<b>Last Query:</b> ".($this->last_query?$this->last_query:"NULL")."\n";
			echo "<b>Last Function Call:</b> " . ($this->func_call?$this->func_call:"None")."\n";
			echo "<b>Last Rows Returned:</b> ".count($this->last_result)."\n";
			echo "</font></pre></font></blockquote>";
			echo "\n<hr size=1 noshade color=dddddd>";
			
			$this->vardump_called = true;
 
		}
	
		// Alias for the above function	
		function dumpvars($mixed)
		{
			$this->vardump($mixed);	
		}
	
		// ==================================================================
		// Displays the last query string that was sent to the database & a 
		// table listing results (if there were any). 
		// (abstracted into a separate file to save server overhead).
		
		function debug()
		{
			
			echo "<blockquote>";
	
			// Only show ezSQL credits once..
			if ( ! $this->debug_called )
			{
				echo "<font color=800080 face=arial size=2><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Debug..</b></font><p>\n";
			}
			echo "<font face=arial size=2 color=000099><b>Query --</b> ";
			echo "[<font color=000000><b>$this->last_query</b></font>]</font><p>";
	
				echo "<font face=arial size=2 color=000099><b>Query Result..</b></font>";
				echo "<blockquote>";
				
			if ( $this->col_info )
			{
				
				// =====================================================
				// Results top rows
				
				echo "<table cellpadding=5 cellspacing=1 bgcolor=555555>";
				echo "<tr bgcolor=eeeeee><td nowrap valign=bottom><font color=555599 face=arial size=2><b>(row)</b></font></td>";
	
	
				for ( $i=0; $i < count($this->col_info); $i++ )
				{
					echo "<td nowrap align=left valign=top><font size=1 color=555599 face=arial>{$this->col_info[$i]->type} {$this->col_info[$i]->max_length}<br><font size=2><b>{$this->col_info[$i]->name}</b></font></td>";
				}
	
				echo "</tr>";
	
				// ======================================================
				// print main results
	
			if ( $this->last_result )
			{
	
				$i=0;
				foreach ( $this->get_results(null,ARRAY_N) as $one_row )
				{
					$i++;
					echo "<tr bgcolor=ffffff><td bgcolor=eeeeee nowrap align=middle><font size=2 color=555599 face=arial>$i</font></td>";
	
					foreach ( $one_row as $item )
					{
						echo "<td nowrap><font face=arial size=2>$item</font></td>";	
					}
	
					echo "</tr>";				
				}
	
			} // if last result
			else
			{
				echo "<tr bgcolor=ffffff><td colspan=".(count($this->col_info)+1)."><font face=arial size=2>No Results</font></td></tr>";			
			}
	
			echo "</table>";		
	
			} // if col_info
			else
			{
				echo "<font face=arial size=2>No Results</font>";			
			}
			
			echo "</blockquote></blockquote><hr noshade color=dddddd size=1>";
			
			
			$this->debug_called = true;
		}
	
	
	}
 
?>


0
 
LVL 20

Expert Comment

by:NerdsOfTech
ID: 22973657
Don't forget your <?php :)
<?php
 
	
	define("EZSQL_VERSION","1.01");
	define("OBJECT","OBJECT",true);
	define("ARRAY_A","ARRAY_A",true);
	define("ARRAY_N","ARRAY_N",true);
 
	// ==================================================================
	//	The Main Class
	
	class db {
 
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
		
		// ==================================================================
		//	DB Constructor - connects to the server and selects a database
		public $dbh; //declaring the dbh variable
		function db($dbuser, $dbpassword, $dbname, $dbhost)
		{
	
			$this->dbh = @mysql_connect($dbhost,$dbuser,$dbpassword);
			
			if ( ! $this->dbh )
			{
				$this->print_error("<ol><b>Error establishing a database connection!</b><li>Are you sure you have the correct user/password?<li>Are you sure that you have typed the correct hostname?<li>Are you sure that the database server is running?</ol>");
			}
			
				
			$this->select($dbname);
		
		}
 
		
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
	
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
	
		// ==================================================================
		//	Basic Query	- see docs for more detail
		
		function query($query, $output = OBJECT) 
		{
			
			// Log how the function was called
			$this->func_call = "\$db->query(\"$query\", $output)";		
			
			// Kill this
			$this->last_result = null;
			$this->col_info = null;
	
			// Keep track of the last query for debug..
			$this->last_query = $query;
			
			// Perform the query via std mysql_query function..
			$this->result = mysql_query($query,$this->dbh);
	
			if ( mysql_error() ) 
			{				
				// If there is an error then take note of it..
				$this->print_error();
				return FALSE;	
			}
			else {
	
				// In other words if this was a select statement..
				if ( $this->result )
				{
	
					// =======================================================
					// Take note of column info
					
					$i=0;
					while ($i < @mysql_num_fields($this->result))
					{
						$this->col_info[$i] = @mysql_fetch_field($this->result);
						$i++;
					}
	
					// =======================================================				
					// Store Query Results
					
					$i=0;
					while ( $row = @mysql_fetch_object($this->result) )
					{ 
	
						// Store results as objects within main array
						$this->last_result[$i] = $row;
						
						$i++;
					}
					
					@mysql_free_result($this->result);
				}
				
				return TRUE;
	
			}
		}
		
		// ==================================================================
		//
		
		function RecordCount ( $query )
		{
			return mysql_num_rows ( mysql_query ( $query ) );
		}
		
		// ==================================================================
		//
		
		function Mresult ( $query, $a, $b )
		{
			return mysql_result ( mysql_query ( $query ), $a, $b );
		}
		
		/**
		 * Correctly quotes a string so that all strings are escape coded.
		 * 
		 * @param string			the string to quote
		 * @param [magic_quotes]	if $s is GET/POST var, set to get_magic_quotes_gpc().
		 */
 
		function qstr ( $string, $magic_quotes = false )
		{
			if (!$magic_quotes) {
				if (strnatcmp(PHP_VERSION, '4.3.0') >= 0) {
					return "'" . mysql_real_escape_string($string) . "'";
				}
				$string = str_replace("'", "\\'" , str_replace('\\', '\\\\', str_replace("\0", "\\\0", $string)));
				return  "'" . $string . "'"; 
			}
			return "'" . str_replace('\\"', '"', $string) . "'";
		}
	
		// ==================================================================
		//	Get one variable from the DB - see docs for more detail
		
		function get_var($query=null,$x=0,$y=0)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_var(\"$query\",$x,$y)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract var out of cached results based x,y vals
			if ( $this->last_result[$y] )
			{
				$values = array_values(get_object_vars($this->last_result[$y]));
			}
			
			// If there is a value return it else return null
			return $values[$x]?$values[$x]:null;
		}
	
		// ==================================================================
		//	Get one row from the DB - see docs for more detail
		
		function getRow($query=null,$y=0,$output=OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->getRow(\"$query\",$y,$output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
	
			// If the output is an object then return object using the row offset..
			if ( $output == OBJECT )
			{
				return $this->last_result[$y]?$this->last_result[$y]:null;
			}
			// If the output is an associative array then return row as such..
			elseif ( $output == ARRAY_A )
			{
				return $this->last_result[$y]?get_object_vars($this->last_result[$y]):null;	
			}
			// If the output is an numerical array then return row as such..
			elseif ( $output == ARRAY_N )
			{
				return $this->last_result[$y]?array_values(get_object_vars($this->last_result[$y])):null;
			}
			// If invalid output type was specified..
			else
			{
				$this->print_error(" \$db->getRow(string query,int offset,output type) -- Output type must be one of: OBJECT, ARRAY_A, ARRAY_N ");	
			}
	
		}
	
		// ==================================================================
		//	Function to get 1 column from the cached result set based in X index
		// see docs for usage and info
	
		function get_col($query=null,$x=0)
		{
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract the column values
			for ( $i=0; $i < count($this->last_result); $i++ )
			{
				$new_array[$i] = $this->get_var(null,$x,$i);
			}
			
			return $new_array;
		}
	
		// ==================================================================
		// Return the query as a result set - see docs for more details
		
		function get_results($query=null, $output = OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_results(\"$query\", $output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}		
	
			// Send back array of objects. Each row is an object		
			if ( $output == OBJECT )
			{
				return $this->last_result; 
			}
			elseif ( $output == ARRAY_A || $output == ARRAY_N )
			{
				if ( $this->last_result )
				{
					$i=0;
					foreach( $this->last_result as $row )
					{
						
						$new_array[$i] = get_object_vars($row);
						
						if ( $output == ARRAY_N )
						{
							$new_array[$i] = array_values($new_array[$i]);
						}
	
						$i++;
					}
				
					return $new_array;
				}
				else
				{
					return null;	
				}
			}
		}
	
	
		// ==================================================================
		// Function to get column meta data info pertaining to the last query
		// see docs for more info and usage
		
		function get_col_info($info_type="name",$col_offset=-1)
		{
	
			if ( $this->col_info )
			{
				if ( $col_offset == -1 )
				{
					$i=0;
					foreach($this->col_info as $col )
					{
						$new_array[$i] = $col->{$info_type};
						$i++;
					}
					return $new_array;
				}
				else
				{
					return $this->col_info[$col_offset]->{$info_type};
				}
			
			}
			
		}
	
	
		// ==================================================================
		// Dumps the contents of any input variable to screen in a nicely
		// formatted and easy to understand way - any type: Object, Var or Array
	
		function vardump($mixed)
		{
 
			echo "<blockquote><font color=000090>";
			echo "<pre><font face=arial>";
			
			if ( ! $this->vardump_called )
			{
				echo "<font color=800080><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Variable Dump..</b></font>\n\n";
			}
	
			print_r($mixed);	
			echo "\n\n<b>Last Query:</b> ".($this->last_query?$this->last_query:"NULL")."\n";
			echo "<b>Last Function Call:</b> " . ($this->func_call?$this->func_call:"None")."\n";
			echo "<b>Last Rows Returned:</b> ".count($this->last_result)."\n";
			echo "</font></pre></font></blockquote>";
			echo "\n<hr size=1 noshade color=dddddd>";
			
			$this->vardump_called = true;
 
		}
	
		// Alias for the above function	
		function dumpvars($mixed)
		{
			$this->vardump($mixed);	
		}
	
		// ==================================================================
		// Displays the last query string that was sent to the database & a 
		// table listing results (if there were any). 
		// (abstracted into a separate file to save server overhead).
		
		function debug()
		{
			
			echo "<blockquote>";
	
			// Only show ezSQL credits once..
			if ( ! $this->debug_called )
			{
				echo "<font color=800080 face=arial size=2><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Debug..</b></font><p>\n";
			}
			echo "<font face=arial size=2 color=000099><b>Query --</b> ";
			echo "[<font color=000000><b>$this->last_query</b></font>]</font><p>";
	
				echo "<font face=arial size=2 color=000099><b>Query Result..</b></font>";
				echo "<blockquote>";
				
			if ( $this->col_info )
			{
				
				// =====================================================
				// Results top rows
				
				echo "<table cellpadding=5 cellspacing=1 bgcolor=555555>";
				echo "<tr bgcolor=eeeeee><td nowrap valign=bottom><font color=555599 face=arial size=2><b>(row)</b></font></td>";
	
	
				for ( $i=0; $i < count($this->col_info); $i++ )
				{
					echo "<td nowrap align=left valign=top><font size=1 color=555599 face=arial>{$this->col_info[$i]->type} {$this->col_info[$i]->max_length}<br><font size=2><b>{$this->col_info[$i]->name}</b></font></td>";
				}
	
				echo "</tr>";
	
				// ======================================================
				// print main results
	
			if ( $this->last_result )
			{
	
				$i=0;
				foreach ( $this->get_results(null,ARRAY_N) as $one_row )
				{
					$i++;
					echo "<tr bgcolor=ffffff><td bgcolor=eeeeee nowrap align=middle><font size=2 color=555599 face=arial>$i</font></td>";
	
					foreach ( $one_row as $item )
					{
						echo "<td nowrap><font face=arial size=2>$item</font></td>";	
					}
	
					echo "</tr>";				
				}
	
			} // if last result
			else
			{
				echo "<tr bgcolor=ffffff><td colspan=".(count($this->col_info)+1)."><font face=arial size=2>No Results</font></td></tr>";			
			}
	
			echo "</table>";		
	
			} // if col_info
			else
			{
				echo "<font face=arial size=2>No Results</font>";			
			}
			
			echo "</blockquote></blockquote><hr noshade color=dddddd size=1>";
			
			
			$this->debug_called = true;
		}
	
	
	}
 
?>


0
 

Author Comment

by:sandbudd
ID: 22975909
I'm still getting a blank page
0
 
LVL 17

Expert Comment

by:nplib
ID: 22988316
comment out each function, then uncomment, 1 function at a time until you get a blank page again, this will tell you which is causing your blank page, plus,

you have two select() functions.

also
you have two select() functions, which will cause problems.
0
 
LVL 20

Expert Comment

by:NerdsOfTech
ID: 23003310
Logic error
REDIRECT_AFTER_LOGIN not defined

header ( "Location: " . "$PHP_SELF");

OR

define("REDIRECT_AFTER_LOGIN","$PHP_SELF"); // put this in your include or inline your script
header ( "Location: " . REDIRECT_AFTER_LOGIN );

WILL WORK

I choose the first option for speed. If you are using REDIRECT_AFTER_LOGIN repeatedly in different scripts use the second option. Otherwise, here is the script:
<?php
error_reporting(E_ALL);
 
	require_once ( 'settings.php' );
 
	if ( array_key_exists ( '_submit_check', $_POST ) )
	{
		if ( $_POST['username'] != '' && $_POST['password'] != '' )
		{
			$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
			if ( $db->RecordCount ( $query ) == 1 )
			{
				$row = $db->getRow ( $query );
				if ( $row->Active == 1 )
				{
					set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
					header ( "Location: " . "$PHP_SELF");
				}
				elseif ( $row->Active == 0 ) {
					$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
				}
				elseif ( $row->Active == 2 ) {
					$error = 'You are suspended!';
				}
			}
			else {		
				$error = 'Login failed!';		
			}
		}
		else {
			$error = 'Please use both your username and password to access your account';
		}
	}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title>login</title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
 
</head>
 
<body>
 
	<div id="log">
<?php if ( isset( $error ) ) { echo '			<p class="error">' . $error . '</p>' . "\n";}?>
	</div>
	<div id="container" style="width:230px;">
 
		<form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
 
			<input type="hidden" name="_submit_check" value="1"/> 
		
			<div style="margin-top:12px; margin-bottom:10px">
				<img src="images/username.gif" alt="username" border="0" />
				<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
			</div>
			<div style="margin-bottom:6px">
				<img src="images/password.gif" alt="password" border="0" />
				<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
			</div>
			<?php if ( ALLOW_REMEMBER_ME ):?>
			<div style="margin-bottom:6px">
				<input type="checkbox" name="remember" id="remember" />
				<label for="remember">Remember me</label>
			</div>
			<?php endif;?>
			<input type="image" name="Login" value="Login"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
			<br class="clear" />
			<a href="register.php">Register</a> / <a href="forgot_password.php">Password recovery?</a>
			
		</form>
		
		
	</div>
	
</body>
 
</html>


0
 
LVL 20

Expert Comment

by:NerdsOfTech
ID: 23003329
Logic error
REDIRECT_AFTER_LOGIN not defined

Changed LINE 18 to:
header ( "Location: " . "$PHP_SELF");

=NerdsOfTech
<?php
error_reporting(E_ALL);
 
	require_once ( 'settings.php' );
 
	if ( array_key_exists ( '_submit_check', $_POST ) )
	{
		if ( $_POST['username'] != '' && $_POST['password'] != '' )
		{
			$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
			if ( $db->RecordCount ( $query ) == 1 )
			{
				$row = $db->getRow ( $query );
				if ( $row->Active == 1 )
				{
					set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
					header ( "Location: " . "$PHP_SELF");
				}
				elseif ( $row->Active == 0 ) {
					$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
				}
				elseif ( $row->Active == 2 ) {
					$error = 'You are suspended!';
				}
			}
			else {		
				$error = 'Login failed!';		
			}
		}
		else {
			$error = 'Please use both your username and password to access your account';
		}
	}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title>login</title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
 
</head>
 
<body>
 
	<div id="log">
<?php if ( isset( $error ) ) { echo '			<p class="error">' . $error . '</p>' . "\n";}?>
	</div>
	<div id="container" style="width:230px;">
 
		<form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
 
			<input type="hidden" name="_submit_check" value="1"/> 
		
			<div style="margin-top:12px; margin-bottom:10px">
				<img src="images/username.gif" alt="username" border="0" />
				<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
			</div>
			<div style="margin-bottom:6px">
				<img src="images/password.gif" alt="password" border="0" />
				<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
			</div>
			<?php if ( ALLOW_REMEMBER_ME ):?>
			<div style="margin-bottom:6px">
				<input type="checkbox" name="remember" id="remember" />
				<label for="remember">Remember me</label>
			</div>
			<?php endif;?>
			<input type="image" name="Login" value="Login"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
			<br class="clear" />
			<a href="register.php">Register</a> / <a href="forgot_password.php">Password recovery?</a>
			
		</form>
		
		
	</div>
	
</body>
 
</html>


0
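
The login script posted above builds its query by concatenating `qstr()`-escaped input and compares an unsalted `md5()` of the password. As an added example (not code from the thread or from ezSQL), here is the same check with a PDO prepared statement and `password_hash()`/`password_verify()`, upgrading legacy MD5 rows on a successful login. It assumes PHP 7+ with pdo_sqlite; the in-memory `users` table, its accounts and the helper names are constructed for the demonstration.

```php
<?php
// Added example, not code from the thread or from ezSQL.
// Assumes PHP 7+ with the pdo_sqlite extension; the in-memory users table
// and both accounts below are constructed for the demonstration.
declare(strict_types=1);

function demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (
        ID INTEGER PRIMARY KEY, Username TEXT UNIQUE, Active INTEGER, Password TEXT)');
    $ins = $pdo->prepare('INSERT INTO users (Username, Active, Password) VALUES (?, ?, ?)');
    // Legacy row: unsalted MD5, as the thread's login script stores it.
    $ins->execute(["o'brien", 1, md5('correct horse battery')]);
    // Row already on password_hash(), but not yet activated (Active = 0).
    $ins->execute(['bob', 0, password_hash('s3cond-passphrase', PASSWORD_DEFAULT)]);
    return $pdo;
}

function stored_hash(PDO $pdo, string $username): string
{
    $q = $pdo->prepare('SELECT Password FROM users WHERE Username = ?');
    $q->execute([$username]);
    return (string) $q->fetchColumn();
}

/** @return array{ok: bool, message: string, id: ?int} */
function authenticate(PDO $pdo, string $username, string $password): array
{
    // Bound parameter: the username never becomes part of the SQL text.
    $stmt = $pdo->prepare('SELECT ID, Active, Password FROM users WHERE Username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Unknown user: still verify against a throwaway hash so the request
    // does roughly the same work as one for an existing account.
    static $dummy = null;
    $dummy = $dummy ?? password_hash('placeholder', PASSWORD_DEFAULT);
    $stored = $row ? (string) $row['Password'] : $dummy;

    $legacyMd5 = preg_match('/^[0-9a-f]{32}$/', $stored) === 1;
    $valid = $legacyMd5
        ? hash_equals($stored, md5($password))      // constant-time compare
        : password_verify($password, $stored);

    if (!$row || !$valid) {
        return ['ok' => false, 'message' => 'Login failed!', 'id' => null];
    }
    if ((int) $row['Active'] === 0) {
        return ['ok' => false, 'message' => 'Membership not activated', 'id' => null];
    }
    if ((int) $row['Active'] !== 1) {
        // The thread's script uses 2 for this; any other value is denied too.
        return ['ok' => false, 'message' => 'You are suspended!', 'id' => null];
    }

    // Correct password on a legacy or outdated hash: re-hash it now, while
    // the plaintext is available, so MD5 rows disappear as users log in.
    if ($legacyMd5 || password_needs_rehash($stored, PASSWORD_DEFAULT)) {
        $upd = $pdo->prepare('UPDATE users SET Password = :p WHERE ID = :id');
        $upd->execute([':p' => password_hash($password, PASSWORD_DEFAULT), ':id' => (int) $row['ID']]);
    }
    return ['ok' => true, 'message' => 'ok', 'id' => (int) $row['ID']];
}

$pdo = demo_db();
$attempts = [
    ["o'brien", 'correct horse battery'],  // valid, stored as MD5
    ["o'brien", 'wrong'],
    ['bob', 's3cond-passphrase'],          // valid password, inactive account
    ['nobody', 'whatever'],                // unknown user
];
foreach ($attempts as [$user, $pass]) {
    $r = authenticate($pdo, $user, $pass);
    printf("%-8s => %s\n", $user, $r['ok'] ? 'logged in, id ' . $r['id'] : $r['message']);
}
// After the first successful login the MD5 value has been replaced.
printf("o'brien hash upgraded: %s\n",
    preg_match('/^[0-9a-f]{32}$/', stored_hash($pdo, "o'brien")) ? 'no' : 'yes');
```

In a web handler, call `exit` right after the `header('Location: ...')` redirect on success so the rest of the page is not rendered to the client.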
 
LVL 17

Expert Comment

by:nplib
ID: 23004410
what are you talking about, check out the post with settings.php
0
 
LVL 17

Expert Comment

by:nplib
ID: 23004415

<?php
require ( 'lib/connection.php' );			
define ( "HOSTNAME", "" );			// - hostname - needed to access the database
define ( "DATABASE", "" );				// - database name - the name of your mysql database
define ( "DBUSER", "" );				// - database user - what user should we use to access the database
define ( "DBPASS", "" );			// - database password - what password should we use to access the database
define ( "DBPREFIX", "" );				// - db prefix - would you like to use a prefix for your table?
define ( "APPLICATION_URL", "http://www.sandbudd.com/login/" );// - app. url - the url that points to our application ( ! with trailing slash )
define ( "APPLICATION_FOLDER", "login" );		// - do we have a folder where we store our scripts? ( ! no slashes )
define ( "REDIRECT_TO_LOGIN", "login.php" );		// - where should we redirect visitors if the access is restricted?
define ( "REDIRECT_AFTER_LOGIN", "members.php" );	// - where should we redirect members after logging in?
define ( "REDIRECT_ON_LOGOUT", "login.php" );		// - where should we redirect on logout?


0
 
LVL 20

Expert Comment

by:NerdsOfTech
ID: 23004462
Thanks didn't see that

maybe the problem is in members.php then
0
 
LVL 17

Expert Comment

by:nplib
ID: 23005844
the problem lies somewhere in the functions.php
0
 

Author Comment

by:sandbudd
ID: 23005884
it was my server guys...thanks...
0
 
LVL 17

Expert Comment

by:nplib
ID: 23006267
define your answer.
0
 

Author Comment

by:sandbudd
ID: 23006403
it was using php 4 instead of 5... they moved me to another server and I didn't have to change a thing and it fired right up...lol
0
 
LVL 17

Expert Comment

by:nplib
ID: 23006441
well, that would cause a lot of trouble if you were using php5 functions on a php4 server
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 23581164
PAQed with points refunded (500)

Computer101
EE Admin
0

Question has a verified solution.