all I get is a blank page?

all I get is a blank page for the login script
<?php
error_reporting(E_ALL);
 
	require_once ( 'settings.php' );
 
	if ( array_key_exists ( '_submit_check', $_POST ) )
	{
		if ( $_POST['username'] != '' && $_POST['password'] != '' )
		{
			$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
			if ( $db->RecordCount ( $query ) == 1 )
			{
				$row = $db->getRow ( $query );
				if ( $row->Active == 1 )
				{
					set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
					header ( "Location: " . REDIRECT_AFTER_LOGIN );
				}
				elseif ( $row->Active == 0 ) {
					$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
				}
				elseif ( $row->Active == 2 ) {
					$error = 'You are suspended!';
				}
			}
			else {		
				$error = 'Login failed!';		
			}
		}
		else {
			$error = 'Please use both your username and password to access your account';
		}
	}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title>login</title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
 
</head>
 
<body>
 
	<div id="log">
<?php if ( isset( $error ) ) { echo '			<p class="error">' . $error . '</p>' . "\n";}?>
	</div>
	<div id="container" style="width:230px;">
 
		<form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
 
			<input type="hidden" name="_submit_check" value="1"/> 
		
			<div style="margin-top:12px; margin-bottom:10px">
				<img src="images/username.gif" alt="username" border="0" />
				<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
			</div>
			<div style="margin-bottom:6px">
				<img src="images/password.gif" alt="password" border="0" />
				<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
			</div>
			<?php if ( ALLOW_REMEMBER_ME ):?>
			<div style="margin-bottom:6px">
				<input type="checkbox" name="remember" id="remember" />
				<label for="remember">Remember me</label>
			</div>
			<?php endif;?>
			<input type="image" name="Login" value="Login"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
			<br class="clear" />
			<a href="register.php">Register</a> / <a href="forgot_password.php">Password recovery?</a>
			
		</form>
		
		
	</div>
	
</body>
 
</html>

Open in new window

sandbuddAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MMDeveloperCommented:
I would start commenting out blocks of code until it does work, that way you know which block of code is causing the fatal errors.
0
sandbuddAuthor Commented:
starting where for example
0
nplibCommented:
start there, then work backwords
<?php
error_reporting(E_ALL);
/* 
        require_once ( 'settings.php' );
 
        if ( array_key_exists ( '_submit_check', $_POST ) )
        {
                if ( $_POST['username'] != '' && $_POST['password'] != '' )
                {
                        $query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
                        if ( $db->RecordCount ( $query ) == 1 )
                        {
                                $row = $db->getRow ( $query );
                                if ( $row->Active == 1 )
                                {
                                        set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
                                        header ( "Location: " . REDIRECT_AFTER_LOGIN );
                                }
                                elseif ( $row->Active == 0 ) {
                                        $error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
                                }
                                elseif ( $row->Active == 2 ) {
                                        $error = 'You are suspended!';
                                }
                        }
                        else {          
                                $error = 'Login failed!';               
                        }
                }
                else {
                        $error = 'Please use both your username and password to access your account';
                }
        }
*/
?>

Open in new window

0
CompTIA Network+

Prepare for the CompTIA Network+ exam by learning how to troubleshoot, configure, and manage both wired and wireless networks.

sandbuddAuthor Commented:
when I comment out the require_once settings it displays?
0
nplibCommented:
then your problem could very well have something to do with settings.php
0
MMDeveloperCommented:
well for example I removed all the HTML, added a few echo statements, and commented out a huge chunk of the code.

if the 2 echo statements process, and also the
<?php
error_reporting(E_ALL);
	echo "requiring";
        require_once ( 'settings.php' );
	echo "required";
        if ( array_key_exists ( '_submit_check', $_POST ) )
        {
               /* if ( $_POST['username'] != '' && $_POST['password'] != '' )
                {
                        $query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
                        if ( $db->RecordCount ( $query ) == 1 )
                        {
                                $row = $db->getRow ( $query );
                                if ( $row->Active == 1 )
                                {
                                        set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
                                        header ( "Location: " . REDIRECT_AFTER_LOGIN );
                                }
                                elseif ( $row->Active == 0 ) {
                                        $error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
                                }
                                elseif ( $row->Active == 2 ) {
                                        $error = 'You are suspended!';
                                }
                        }
                        else {          
                                $error = 'Login failed!';               
                        }
                }
                else {
                        $error = 'Please use both your username and password to access your account';
                }*/
        }
?>
made it this far

Open in new window

0
MMDeveloperCommented:
my bad, soon as I was about to post I got pulled into a meeting, posted when I came back only to see I'm way behind in the conversation :P
0
sandbuddAuthor Commented:
got it to work but when I do the session start I get a blank page now...lol..

<?php
session_start()
		if ( $_SESSION['logged_in'] ):
	?>
			Content here
	<?php
		endif;
	?>

Open in new window

0
sandbuddAuthor Commented:
members page
0
sandbuddAuthor Commented:
do I need to do a session start on the login page?
0
MMDeveloperCommented:
you're missing the ';'
0
sandbuddAuthor Commented:
I did this and get this error?
Notice: Undefined variable: _SESSION in D:\hshome\sandbudd\sandbuddcustomdesigns.com\login\logged_in.php on line 4

<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
 
		if ( $_SESSION['logged_in'] ):
	?>
			Content here
	<?php
		endif;
	?>

Open in new window

0
nplibCommented:
cause you need session_start(),

but it needs to be at the top of the root page.
not within a included page

like..

only have "1" session_start(),

if you have any in your included pagees, remove them.
<?php
session_start();
error_reporting(E_ALL);
 
        require_once ( 'settings.php' );
 
        if ( array_key_exists ( '_submit_check', $_POST ) )
        {
                if ( $_POST['username'] != '' && $_POST['password'] != '' )
                {
...........................

Open in new window

0
sandbuddAuthor Commented:
Okay here is the sign in page...

<?php
error_reporting(E_ALL);
 
	require_once ( 'settings.php' );
 
	if ( array_key_exists ( '_submit_check', $_POST ) )
	{
		if ( $_POST['username'] != '' && $_POST['password'] != '' )
		{
			$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
			if ( $db->RecordCount ( $query ) == 1 )
			{
				$row = $db->getRow ( $query );
				if ( $row->Active == 1 )
				{
					set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
					header ( "Location: " . REDIRECT_AFTER_LOGIN );
				}
				elseif ( $row->Active == 0 ) {
					$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
				}
				elseif ( $row->Active == 2 ) {
					$error = 'You are suspended!';
				}
			}
			else {		
				$error = 'Login failed!';		
			}
		}
		else {
			$error = 'Please use both your username and password to access your account';
		}
	}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title></title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
 
</head>
 
<body>
 
	<div id="log">
<?php if ( isset( $error ) ) { echo '			<p class="error">' . $error . '</p>' . "\n";}?>
	</div>
	<div id="container" style="width:230px;">
 
		<form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
 
			<input type="hidden" name="_submit_check" value="1"/> 
		
			<div style="margin-top:12px; margin-bottom:10px">
				<img src="images/username.gif" alt="username" border="0" />
				<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
			</div>
			<div style="margin-bottom:6px">
				<img src="images/password.gif" alt="password" border="0" />
				<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
			</div>
			<?php if ( ALLOW_REMEMBER_ME ):?>
			<div style="margin-bottom:6px">
				<input type="checkbox" name="remember" id="remember" />
				<label for="remember">Remember me</label>
			</div>
			<?php endif;?>
			<input type="image" name="Login" value="Login"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
			<br class="clear" />
			<a href="register.php">Register</a> / <a href="forgot_password.php">Password recovery?</a>
			
		</form>
		
		
	</div>
	
</body>
 
</html>

Open in new window

0
sandbuddAuthor Commented:
here isl the members page and it takes me back to the sign in page...I checked the database and the information is there...


<?php 
	require_once('settings.php');
	checkLogin('1 2');
 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title>Login System With Admin Features</title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
</head>
 
<body>
 
	<div id="container" style="text-align:center;width:230px;">
 
<?php
	echo 'Hello <em><b><u>' . get_username ( $_SESSION['user_id'] ) . '</u></b></em>!<br />You are now logged in.<br /><br /><a href="update_profile.php" title="update your profile">Click here</a> to update your profile.';
	
	/* we show the manage users link only if the logged in member has admin rights */
	if ( isadmin ( $_SESSION['user_id'] ) ):
?>
	<br /><br />
	It seems that you're an admin. You may <a href="manage_users.php" title="manage users">manage users</a> or <a href="admin_settings.php" title="edit site settings">edit site settings</a>.
<?php
	endif;
?>
	<br /><br />
	
	<a href="logout.php">logout</a>
		
	</div>
	
</body>
 
</html>

Open in new window

0
sandbuddAuthor Commented:
Here is my database structure...


-- phpMyAdmin SQL Dump
-- version 2.11.8.1
-- http://www.phpmyadmin.net
--
-- Host: 127.0.0.1:3306
-- Generation Time: Nov 13, 2008 at 02:39 PM
-- Server version: 4.1.20
-- PHP Version: 4.3.11
 
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
 
--
-- Database: `sandbud_clients`
--
 
-- --------------------------------------------------------
 
--
-- Table structure for table `users`
--
 
CREATE TABLE IF NOT EXISTS `users` (
  `ID` int(11) NOT NULL auto_increment,
  `Username` varchar(255) NOT NULL default '',
  `Password` varchar(255) NOT NULL default '',
  `date_registered` int(11) NOT NULL default '0',
  `Temp_pass` varchar(55) default NULL,
  `Temp_pass_active` tinyint(1) NOT NULL default '0',
  `Email` varchar(255) NOT NULL default '',
  `Active` int(11) NOT NULL default '0',
  `Level_access` int(11) NOT NULL default '2',
  `Random_key` varchar(32) default NULL,
  PRIMARY KEY  (`ID`),
  UNIQUE KEY `Username` (`Username`),
  UNIQUE KEY `Email` (`Email`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
 
--
-- Dumping data for table `users`
--
 
INSERT INTO `users` (`ID`, `Username`, `Password`, `date_registered`, `Temp_pass`, `Temp_pass_active`, `Email`, `Active`, `Level_access`, `Random_key`) VALUES
(1, 'sandbudd', '227dd828170f456f4fb2ac146846470b', 1226608160, NULL, 0, 'info@sandbuddcustomdesigns.com', 1, 1, 'id61EyYHuBlguD8fg5eG7d9hVfWR1hQg');

Open in new window

0
sandbuddAuthor Commented:
If you need any other files let me know as I am at a loss
0
nplibCommented:
post your settings.php
0
sandbuddAuthor Commented:
settings.php
<?php
require ( 'lib/connection.php' );			
require ( 'functions.php' );				
define ( "HOSTNAME", "" );			
define ( "DATABASE", "" );				
define ( "DBUSER", "" );			
define ( "DBPASS", "" );			
define ( "DBPREFIX", "" );				
define ( "APPLICATION_URL", "http://www.sandbudd.com/login/" );
define ( "APPLICATION_FOLDER", "login" );		
define ( "REDIRECT_TO_LOGIN", "login.php" );		
define ( "REDIRECT_AFTER_LOGIN", "members.php" );	
define ( "REDIRECT_ON_LOGOUT", "login.php" );		
define ( "ADMIN_EMAIL", "info@sandbudd.com" );
define ( "KEEP_LOGGED_IN_FOR", 60*60*24*100 );		
define ( "COOKIE_PATH", "/" );				
define ( "DOMAIN_NAME", "www.sandbudd.com" );		
define ( "RUN_ON_DEVELOPMENT", TRUE );			
define ( "REDIRECT_AFTER_CONFIRMATION", TRUE );		
define ( "ALLOW_USERNAME_CHANGE", FALSE );		
define ( "ALLOW_REMEMBER_ME", TRUE );			
 
 
 
define ( "USE_SMTP", FALSE );				
define ( "SMTP_PORT", "" );				
define ( "SMTP_HOST", "" );		
define ( "SMTP_USER", "" );		
define ( "SMTP_PASS", "" );		
define ( "MAIL_IS_HTML", FALSE );			
 
 
if ( function_exists ( 'realpath' ) AND @realpath ( dirname (__FILE__) ) !== FALSE )
{
	define ( "BASE_PATH", str_replace ( "\\", "/", realpath ( dirname(__FILE__) ) ) . '/' );
}
 
 
//how do we handle errors
error_reporting ( ( RUN_ON_DEVELOPMENT ) ? E_ALL : E_WARNING );
if ( file_exists ( BASE_PATH . 'install.php' ) )
{
	die ( "Please delete install.php from your server before continuing!" );
}
 
 
$db = new db ( DBUSER, DBPASS, DATABASE, HOSTNAME );	
?>

Open in new window

0
nplibCommented:
ok post connections.php and functions.php
0
sandbuddAuthor Commented:
connection.php
<?
 
	
	define("EZSQL_VERSION","1.01");
	define("OBJECT","OBJECT",true);
	define("ARRAY_A","ARRAY_A",true);
	define("ARRAY_N","ARRAY_N",true);
 
	// ==================================================================
	//	The Main Class
	
	class db {
	
		// ==================================================================
		//	DB Constructor - connects to the server and selects a database
		
		function db($dbuser, $dbpassword, $dbname, $dbhost)
		{
	
			$this->dbh = @mysql_connect($dbhost,$dbuser,$dbpassword);
			
			if ( ! $this->dbh )
			{
				$this->print_error("<ol><b>Error establishing a database connection!</b><li>Are you sure you have the correct user/password?<li>Are you sure that you have typed the correct hostname?<li>Are you sure that the database server is running?</ol>");
			}
			
				
			$this->select($dbname);
		
		}
		
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
	
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
	
		// ==================================================================
		//	Basic Query	- see docs for more detail
		
		function query($query, $output = OBJECT) 
		{
			
			// Log how the function was called
			$this->func_call = "\$db->query(\"$query\", $output)";		
			
			// Kill this
			$this->last_result = null;
			$this->col_info = null;
	
			// Keep track of the last query for debug..
			$this->last_query = $query;
			
			// Perform the query via std mysql_query function..
			$this->result = mysql_query($query,$this->dbh);
	
			if ( mysql_error() ) 
			{				
				// If there is an error then take note of it..
				$this->print_error();
				return FALSE;	
			}
			else {
	
				// In other words if this was a select statement..
				if ( $this->result )
				{
	
					// =======================================================
					// Take note of column info
					
					$i=0;
					while ($i < @mysql_num_fields($this->result))
					{
						$this->col_info[$i] = @mysql_fetch_field($this->result);
						$i++;
					}
	
					// =======================================================				
					// Store Query Results
					
					$i=0;
					while ( $row = @mysql_fetch_object($this->result) )
					{ 
	
						// Store relults as an objects within main array
						$this->last_result[$i] = $row;
						
						$i++;
					}
					
					@mysql_free_result($this->result);
				}
				
				return TRUE;
	
			}
		}
		
		// ==================================================================
		//
		
		function RecordCount ( $query )
		{
			return mysql_num_rows ( mysql_query ( $query ) );
		}
		
		// ==================================================================
		//
		
		function Mresult ( $query, $a, $b )
		{
			return mysql_result ( mysql_query ( $query ), $a, $b );
		}
		
		/**
		 * Correctly quotes a string so that all strings are escape coded.
		 * 
		 * @param string			the string to quote
		 * @param [magic_quotes]	if $s is GET/POST var, set to get_magic_quotes_gpc().
		 */
 
		function qstr ( $string, $magic_quotes = false )
		{
			if (!$magic_quotes) {
				if (strnatcmp(PHP_VERSION, '4.3.0') >= 0) {
					return "'" . mysql_real_escape_string($string) . "'";
				}
				$string = str_replace("'", "\\'" , str_replace('\\', '\\\\', str_replace("\0", "\\\0", $string)));
				return  "'" . $string . "'"; 
			}
			return "'" . str_replace('\\"', '"', $string) . "'";
		}
	
		// ==================================================================
		//	Get one variable from the DB - see docs for more detail
		
		function get_var($query=null,$x=0,$y=0)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_var(\"$query\",$x,$y)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract var out of cached results based x,y vals
			if ( $this->last_result[$y] )
			{
				$values = array_values(get_object_vars($this->last_result[$y]));
			}
			
			// If there is a value return it else return null
			return $values[$x]?$values[$x]:null;
		}
	
		// ==================================================================
		//	Get one row from the DB - see docs for more detail
		
		function getRow($query=null,$y=0,$output=OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->getRow(\"$query\",$y,$output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
	
			// If the output is an object then return object using the row offset..
			if ( $output == OBJECT )
			{
				return $this->last_result[$y]?$this->last_result[$y]:null;
			}
			// If the output is an associative array then return row as such..
			elseif ( $output == ARRAY_A )
			{
				return $this->last_result[$y]?get_object_vars($this->last_result[$y]):null;	
			}
			// If the output is an numerical array then return row as such..
			elseif ( $output == ARRAY_N )
			{
				return $this->last_result[$y]?array_values(get_object_vars($this->last_result[$y])):null;
			}
			// If invalid output type was specified..
			else
			{
				$this->print_error(" \$db->getRow(string query,int offset,output type) -- Output type must be one of: OBJECT, ARRAY_A, ARRAY_N ");	
			}
	
		}
	
		// ==================================================================
		//	Function to get 1 column from the cached result set based in X index
		// se docs for usage and info
	
		function get_col($query=null,$x=0)
		{
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract the column values
			for ( $i=0; $i < count($this->last_result); $i++ )
			{
				$new_array[$i] = $this->get_var(null,$x,$i);
			}
			
			return $new_array;
		}
	
		// ==================================================================
		// Return the the query as a result set - see docs for more details
		
		function get_results($query=null, $output = OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_results(\"$query\", $output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}		
	
			// Send back array of objects. Each row is an object		
			if ( $output == OBJECT )
			{
				return $this->last_result; 
			}
			elseif ( $output == ARRAY_A || $output == ARRAY_N )
			{
				if ( $this->last_result )
				{
					$i=0;
					foreach( $this->last_result as $row )
					{
						
						$new_array[$i] = get_object_vars($row);
						
						if ( $output == ARRAY_N )
						{
							$new_array[$i] = array_values($new_array[$i]);
						}
	
						$i++;
					}
				
					return $new_array;
				}
				else
				{
					return null;	
				}
			}
		}
	
	
		// ==================================================================
		// Function to get column meta data info pertaining to the last query
		// see docs for more info and usage
		
		function get_col_info($info_type="name",$col_offset=-1)
		{
	
			if ( $this->col_info )
			{
				if ( $col_offset == -1 )
				{
					$i=0;
					foreach($this->col_info as $col )
					{
						$new_array[$i] = $col->{$info_type};
						$i++;
					}
					return $new_array;
				}
				else
				{
					return $this->col_info[$col_offset]->{$info_type};
				}
			
			}
			
		}
	
	
		// ==================================================================
		// Dumps the contents of any input variable to screen in a nicely
		// formatted and easy to understand way - any type: Object, Var or Array
	
		function vardump($mixed)
		{
 
			echo "<blockquote><font color=000090>";
			echo "<pre><font face=arial>";
			
			if ( ! $this->vardump_called )
			{
				echo "<font color=800080><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Variable Dump..</b></font>\n\n";
			}
	
			print_r($mixed);	
			echo "\n\n<b>Last Query:</b> ".($this->last_query?$this->last_query:"NULL")."\n";
			echo "<b>Last Function Call:</b> " . ($this->func_call?$this->func_call:"None")."\n";
			echo "<b>Last Rows Returned:</b> ".count($this->last_result)."\n";
			echo "</font></pre></font></blockquote>";
			echo "\n<hr size=1 noshade color=dddddd>";
			
			$this->vardump_called = true;
 
		}
	
		// Alias for the above function	
		function dumpvars($mixed)
		{
			$this->vardump($mixed);	
		}
	
		// ==================================================================
		// Displays the last query string that was sent to the database & a 
		// table listing results (if there were any). 
		// (abstracted into a seperate file to save server overhead).
		
		function debug()
		{
			
			echo "<blockquote>";
	
			// Only show ezSQL credits once..
			if ( ! $this->debug_called )
			{
				echo "<font color=800080 face=arial size=2><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Debug..</b></font><p>\n";
			}
			echo "<font face=arial size=2 color=000099><b>Query --</b> ";
			echo "[<font color=000000><b>$this->last_query</b></font>]</font><p>";
	
				echo "<font face=arial size=2 color=000099><b>Query Result..</b></font>";
				echo "<blockquote>";
				
			if ( $this->col_info )
			{
				
				
				
				echo "<table cellpadding=5 cellspacing=1 bgcolor=555555>";
				echo "<tr bgcolor=eeeeee><td nowrap valign=bottom><font color=555599 face=arial size=2><b>(row)</b></font></td>";
	
	
				for ( $i=0; $i < count($this->col_info); $i++ )
				{
					echo "<td nowrap align=left valign=top><font size=1 color=555599 face=arial>{$this->col_info[$i]->type} {$this->col_info[$i]->max_length}<br><font size=2><b>{$this->col_info[$i]->name}</b></font></td>";
				}
	
				echo "</tr>";
	
				// ======================================================
				// print main results
	
			if ( $this->last_result )
			{
	
				$i=0;
				foreach ( $this->get_results(null,ARRAY_N) as $one_row )
				{
					$i++;
					echo "<tr bgcolor=ffffff><td bgcolor=eeeeee nowrap align=middle><font size=2 color=555599 face=arial>$i</font></td>";
	
					foreach ( $one_row as $item )
					{
						echo "<td nowrap><font face=arial size=2>$item</font></td>";	
					}
	
					echo "</tr>";				
				}
	
			} // if last result
			else
			{
				echo "<tr bgcolor=ffffff><td colspan=".(count($this->col_info)+1)."><font face=arial size=2>No Results</font></td></tr>";			
			}
	
			echo "</table>";		
	
			} // if col_info
			else
			{
				echo "<font face=arial size=2>No Results</font>";			
			}
			
			echo "</blockquote></blockquote><hr noshade color=dddddd size=1>";
			
			
			$this->debug_called = true;
		}
	
	
	}
 
?>

Open in new window

0
sandbuddAuthor Commented:
functions.php
<?php
	
	function checkLogin ( $levels )
	{
		session_start ();
		global $db;
		$kt = split ( ' ', $levels );
		
		if ( ! $_SESSION['logged_in'] ) {
		
			$access = FALSE;
			
			if ( isset ( $_COOKIE['cookie_id'] ) ) {
			
				$query =  'SELECT * FROM ' . DBPREFIX . 'users WHERE ID = ' . $db->qstr ( $_COOKIE['cookie_id'] );
 
				if ( $db->RecordCount ( $query ) == 1 ) {
					$row = $db->getRow ( $query );
					
					
					if ( $_COOKIE['authenticate'] == md5 ( getIP () . $row->Password . $_SERVER['USER_AGENT'] ) ) {
						
						$_SESSION['user_id'] = $row->ID;				
						$_SESSION['logged_in'] = TRUE;
						
						
						if ( in_array ( get_level_access ( $_SESSION['user_id'] ), $kt ) ) {
						
							$access = TRUE;
						}
					}
				}
			}
		}
		else {			
			$access = FALSE;
			
			if ( in_array ( get_level_access ( $_SESSION['user_id'] ), $kt ) ) {
				$access = TRUE;
			}
		}
		
		if ( $access == FALSE ) {
			header ( "Location: " . REDIRECT_TO_LOGIN );
		}		
	}
	
	
	
	function get_level_access ( $user_id )
	{
		global $db;
		$row = $db->getRow ( 'SELECT Level_access FROM ' . DBPREFIX . 'users WHERE ID = ' . $db->qstr ( $user_id ) );
		return $row->Level_access;
	}
	
	
	
	function logout ()
	{
		
		session_start ();
	
		
		if ( $_SESSION['logged_in'] == TRUE )
		{	
			
			unset ( $_SESSION ); 
			
			session_destroy (); 
		}
		
		
		if ( isset ( $_COOKIE['cookie_id'] ) && isset ( $_COOKIE['authenticate'] ) ) {
			
			setcookie ( "cookie_id", '', time() - KEEP_LOGGED_IN_FOR, COOKIE_PATH );
			setcookie ( "authenticate", '', time() - KEEP_LOGGED_IN_FOR, COOKIE_PATH );
		}
		
		
		header ( "Location: " . REDIRECT_ON_LOGOUT );
	}
	
	
	
	function clear_cookies ()
	{
		
		if ( isset( $_SERVER['HTTP_COOKIE'] ) ) {
			$cookies = explode ( ';', $_SERVER['HTTP_COOKIE'] );
			
			foreach ( $cookies as $cookie ) {
				$parts = explode ( '=', $cookie );
				$name = trim ( $parts [ 0 ] );
				setcookie ( $name, '', time() - KEEP_LOGGED_IN_FOR );
				setcookie ( $name, '', time() - KEEP_LOGGED_IN_FOR, '/' );
			}
		}
	}
	
	
	function set_login_sessions ( $user_id, $password, $remember )
	{
		
		session_start();
		
		
		$_SESSION['user_id'] = $user_id;
		$_SESSION['logged_in'] = TRUE;
		
		
		if ( $remember ) {
			setcookie ( "cookie_id", $user_id, time() + KEEP_LOGGED_IN_FOR, COOKIE_PATH );
			setcookie ( "authenticate", md5 ( getIP () . $password . $_SERVER['USER_AGENT'] ), time() + KEEP_LOGGED_IN_FOR, COOKIE_PATH );
		}
	}
	
	
	function valid_email ( $str )
	{
		return ( ! preg_match ( "/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str ) ) ? FALSE : TRUE;
	}
 
	
	function checkUnique ( $field, $compared )
	{
		global $db;
 
		$query = $db->getRow ( "SELECT COUNT(*) as total FROM `" . DBPREFIX . "users` WHERE " . $field . " = " . $db->qstr ( $compared ) );
 
		if ( $query->total == 0 ) {
			return TRUE;
		}
		else {
			return FALSE;
		}
	}
 
	
	function numeric ( $str )
	{
		return ( ! ereg ( "^[0-9\.]+$", $str ) ) ? FALSE : TRUE;
	}
	
	
	function alpha_numeric ( $str )
	{
		return ( ! preg_match ( "/^([-a-z0-9])+$/i", $str ) ) ? FALSE : TRUE;
	}
	
	
	function random_string ( $type = 'alnum', $len = 8 )
	{					
		switch ( $type )
		{
			case 'alnum'	:
			case 'numeric'	:
			case 'nozero'	:
			
					switch ($type)
					{
						case 'alnum'	:	$pool = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
							break;
						case 'numeric'	:	$pool = '0123456789';
							break;
						case 'nozero'	:	$pool = '123456789';
							break;
					}
	
					$str = '';
					for ( $i=0; $i < $len; $i++ )
					{
						$str .= substr ( $pool, mt_rand ( 0, strlen ( $pool ) -1 ), 1 );
					}
					return $str;
			break;
			case 'unique' : return md5 ( uniqid ( mt_rand () ) );
			break;
		}
	}
 
	
	function get_username ( $id )
	{
		global $db;
		
		$query = "SELECT `Username` FROM `" . DBPREFIX . "users` WHERE `ID` = " . $db->qstr ( $id );
		
		if ( $db->RecordCount ( $query ) == 1 )
		{
			$row = $db->getRow ( $query );
			
			return $row->Username;
		}
		else {
			return FALSE;
		}
	}
	
	
	function isadmin ( $id )
	{
		global $db;
		
		$query = "SELECT `Level_access` FROM `" . DBPREFIX . "users` WHERE `ID` = " . $db->qstr ( $id );
		
		if ( $db->RecordCount ( $query ) == 1 )
		{
			$row = $db->getRow ( $query );
			
			if ( $row->Level_access == 1 )
			{
				return TRUE;
			}
			else {
				return FALSE;
			}
		}
		else {
			return FALSE;
		}
	}
	
	
	function html2txt ( $document )
	{
		$search = array("'<script[^>]*?>.*?</script>'si",	
				"'<[\/\!]*?[^<>]*?>'si",		
				"'([\r\n])[\s]+'",			
				"'@<![\s\S]*?[ \t\n\r]*>@'",
				"'&(quot|#34|#034|#x22);'i",	
				"'&(amp|#38|#038|#x26);'i",		
				"'&(lt|#60|#060|#x3c);'i",
				"'&(gt|#62|#062|#x3e);'i",
				"'&(nbsp|#160|#xa0);'i",
				"'&(iexcl|#161);'i",
				"'&(cent|#162);'i",
				"'&(pound|#163);'i",
				"'&(copy|#169);'i",
				"'&(reg|#174);'i",
				"'&(deg|#176);'i",
				"'&(#39|#039|#x27);'",
				"'&(euro|#8364);'i",			
				"'&a(uml|UML);'",			
				"'&o(uml|UML);'",
				"'&u(uml|UML);'",
				"'&A(uml|UML);'",
				"'&O(uml|UML);'",
				"'&U(uml|UML);'",
				"'&szlig;'i",
				);
		$replace = array(	"",
					"",
					" ",
					"\"",
					"&",
					"<",
					">",
					" ",
					chr(161),
					chr(162),
					chr(163),
					chr(169),
					chr(174),
					chr(176),
					chr(39),
					chr(128),
					"ä",
					"ö",
					"ü",
					"Ä",
					"Ö",
					"Ü",
					"ß",
				);
 
		$text = preg_replace($search,$replace,$document);
 
		return trim ( $text );
	}
	
	
	function send_email ( $subject, $to, $body )
	{
		require ( BASE_PATH . "/lib/phpmailer/class.phpmailer.php" );
		
		$mail = new PHPMailer();
		
		
		if ( USE_SMTP ) {
			$mail->IsSMTP();
			$mail->SMTPAuth = true;
			$mail->Host = SMTP_HOST;
			$mail->Port = SMTP_PORT;
			$mail->Password = SMTP_PASS;
			$mail->Username = SMTP_USER;
		}
 
		$mail->From = ADMIN_EMAIL;
		$mail->FromName = DOMAIN_NAME;
		$mail->AddAddress( $to );
		$mail->AddReplyTo ( ADMIN_EMAIL, DOMAIN_NAME );
		$mail->Subject = $subject;
		$mail->Body = $body;
		$mail->WordWrap = 100;
		$mail->IsHTML ( MAIL_IS_HTML );
		$mail->AltBody  =  html2txt ( $body );
 
		if ( ! $mail->Send() ) {
			if ( RUN_ON_DEVELOPMENT ) {
				echo $mail->ErrorInfo;
			}
			return FALSE;
		}
		else {
			return TRUE;
		}
	}
	
	
	function ip_first ( $ips ) 
	{
		if ( ( $pos = strpos ( $ips, ',' ) ) != false ) {
			return substr ( $ips, 0, $pos );
		} 
		else {
			return $ips;
		}
	}
	
 
 
	function ip_valid ( $ips )
	{
		if ( isset( $ips ) ) {
			$ip    = ip_first ( $ips );
			$ipnum = ip2long ( $ip );
			if ( $ipnum !== -1 && $ipnum !== false && ( long2ip ( $ipnum ) === $ip ) ) {
				if ( ( $ipnum < 167772160   || $ipnum > 184549375 ) && 
				( $ipnum < - 1408237568 || $ipnum > - 1407188993 ) && 
				( $ipnum < - 1062731776 || $ipnum > - 1062666241 ) )   
				return true;
			}
		}
		return false;
	}
	
	
	function getIP () 
	{
		$check = array(
				'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_FORWARDED_FOR',
				'HTTP_FORWARDED', 'HTTP_VIA', 'HTTP_X_COMING_FROM', 'HTTP_COMING_FROM',
				'HTTP_CLIENT_IP'
				);
 
		foreach ( $check as $c ) {
			if ( ip_valid ( &$_SERVER [ $c ] ) ) {
				return ip_first ( $_SERVER [ $c ] );
			}
		}
 
		return $_SERVER['REMOTE_ADDR'];
	}
	
	
	
	function sanitize ( $var, $santype = 3 )
	{
		if ( $santype == 1 ) {
			return strip_tags ( $var );
		}
		if ( $santype == 2 ) {
			return htmlentities ( strip_tags ( $var ), ENT_QUOTES, 'UTF-8' );
		}
		if ( $santype == 3 ) {
			if ( ! get_magic_quotes_gpc () ) {
				return addslashes ( htmlentities ( strip_tags ( $var ), ENT_QUOTES, 'UTF-8' ) );
			}
			else {
			   return htmlentities ( strip_tags ( $var ), ENT_QUOTES, 'UTF-8' );
			}
		}
	}
?>

Open in new window

0
nplibCommented:
From what I see, in your settings.php, you define DBUSER, DBPASS, DATABASE, HOSTNAME as empty variables, then try to use them to connect to your DB.

These need to have values, this could be causing you blank page.

Plus you will need session_start() where I told you to place it.
0
sandbuddAuthor Commented:
I just took those out so they were not published on the net...I can populate the database just find...for example to sign up..  where and witch file do I put the session_start please?
0
sandbuddAuthor Commented:
it is in the functions file?
0
nplibCommented:

<?php
session_start();
error_reporting(E_ALL);
 
        require_once ( 'settings.php' );
 
        if ( array_key_exists ( '_submit_check', $_POST ) )
        {
                if ( $_POST['username'] != '' && $_POST['password'] != '' )
                {
...........................

Open in new window

0
sandbuddAuthor Commented:
which file login.php?
0
nplibCommented:
I guess so, the one that started this post.

you never specified it's exact file name.
0
sandbuddAuthor Commented:
thats the login script...I add this and still goes back to the login page
<?php
session_start();
error_reporting(E_ALL);
 
        require_once ( 'settings.php' );
 
        if ( array_key_exists ( '_submit_check', $_POST ) )
        {
                if ( $_POST['username'] != '' && $_POST['password'] != '' )
                {
 
			$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
			if ( $db->RecordCount ( $query ) == 1 )
			{
				$row = $db->getRow ( $query );
				if ( $row->Active == 1 )
				{
					set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
					header ( "Location: " . REDIRECT_AFTER_LOGIN );
				}
				elseif ( $row->Active == 0 ) {
					$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
				}
				elseif ( $row->Active == 2 ) {
					$error = 'You are suspended!';
				}
			}
			else {		
				$error = 'Login failed!';		
			}
		}
		else {
			$error = 'Please use both your username and password to access your account';
		}
	}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title></title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
 
</head>
 
<body>
 
	<div id="log">
<?php if ( isset( $error ) ) { echo '			<p class="error">' . $error . '</p>' . "\n";}?>
	</div>
	<div id="container" style="width:230px;">
 
		<form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
 
			<input type="hidden" name="_submit_check" value="1"/> 
		
			<div style="margin-top:12px; margin-bottom:10px">
				<img src="images/username.gif" alt="username" border="0" />
				<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
			</div>
			<div style="margin-bottom:6px">
				<img src="images/password.gif" alt="password" border="0" />
				<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
			</div>
			<?php if ( ALLOW_REMEMBER_ME ):?>
			<div style="margin-bottom:6px">
				<input type="checkbox" name="remember" id="remember" />
				<label for="remember">Remember me</label>
			</div>
			<?php endif;?>
			<input type="image" name="Login" value="Login"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
			<br class="clear" />
			<a href="register.php">Register</a> / <a href="forgot_password.php">Password recovery?</a>
			
		</form>
		
		
	</div>
	
</body>
 
</html>

Open in new window

0
nplibCommented:
I thought your problem was you were getting a blank screen?
0
sandbuddAuthor Commented:
oh heck Im sorry...got it to where the login page shows up but now what is happening is when I go to log in it is supposed to go to members page but defaults and redirects back to the sign in page.
0
sandbuddAuthor Commented:
for a new member works fine and populates the database
0
sandbuddAuthor Commented:
but then when trying to sign in it redirects to the login page instead of the members page...
0
sandbuddAuthor Commented:
are you still there?
0
nplibCommented:
post your members.php file
0
sandbuddAuthor Commented:
members.php
<?php 
 
	require_once('settings.php');
	checkLogin('1 2');
 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title></title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
</head>
 
<body>
 
	<div id="container" style="text-align:center;width:230px;">
 
<?php
	echo 'Hello <em><b><u>' . get_username ( $_SESSION['user_id'] ) . '</u></b></em>!<br />You are now logged in.<br /><br /><a href="update_profile.php" title="update your profile">Click here</a> to update your profile.';
	
	/* we show the manage users link only if the logged in member has admin rights */
	if ( isadmin ( $_SESSION['user_id'] ) ):
?>
	<br /><br />
	It seems that you're an admin. You may <a href="manage_users.php" title="manage users">manage users</a> or <a href="admin_settings.php" title="edit site settings">edit site settings</a>.
<?php
	endif;
?>
	<br /><br />
	
	<a href="logout.php">logout</a>
		
	</div>
	
</body>
 
</html>

Open in new window

0
nplibCommented:
remove session_start() from functions.php

add session_start() to the top of members.php
0
sandbuddAuthor Commented:
now I get a blank page?
0
nplibCommented:
k, now we are getting somewhere.

do this to your members.php

and make sure you remove session_start() from functions.php
<?php
session_start();
error_reporting(E_ALL);
 
require_once('settings.php');
checkLogin('1 2');
 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title></title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
</head>
 
<body>
 
	<div id="container" style="text-align:center;width:230px;">
 
<?php
	echo 'Hello <em><b><u>' . get_username ( $_SESSION['user_id'] ) . '</u></b></em>!<br />You are now logged in.<br /><br /><a href="update_profile.php" title="update your profile">Click here</a> to update your profile.';
	
	/* we show the manage users link only if the logged in member has admin rights */
	if ( isadmin ( $_SESSION['user_id'] ) ):
?>
	<br /><br />
	It seems that you're an admin. You may <a href="manage_users.php" title="manage users">manage users</a> or <a href="admin_settings.php" title="edit site settings">edit site settings</a>.
<?php
	endif;
?>
	<br /><br />
	
	<a href="logout.php">logout</a>
		
	</div>
	
</body>
 
</html>

Open in new window

0
sandbuddAuthor Commented:
okay the only file that has the session_start is members and it returns back to the start page
0
nplibCommented:
ok, so login.php and members.php have session_start() in them now.

close your browser and reopen, tell me the results try and login

0
sandbuddAuthor Commented:
login.php and members.php are the only session_start()

closed firefox and even cleared browser history, cookies etc...
and still goes back to login page
0
nplibCommented:
but not blank right?

k, post the most current versions of login.php, members.php, connections.php, functions.php and settings.php
0
nplibCommented:
This could take a little time for me to read it all.
0
sandbuddAuthor Commented:
login.php
<?php
session_start();
error_reporting(E_ALL);
 
        require_once ( 'settings.php' );
 
        if ( array_key_exists ( '_submit_check', $_POST ) )
        {
                if ( $_POST['username'] != '' && $_POST['password'] != '' )
                {
 
			$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
			if ( $db->RecordCount ( $query ) == 1 )
			{
				$row = $db->getRow ( $query );
				if ( $row->Active == 1 )
				{
					set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
					header ( "Location: " . REDIRECT_AFTER_LOGIN );
				}
				elseif ( $row->Active == 0 ) {
					$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
				}
				elseif ( $row->Active == 2 ) {
					$error = 'You are suspended!';
				}
			}
			else {		
				$error = 'Login failed!';		
			}
		}
		else {
			$error = 'Please use both your username and password to access your account';
		}
	}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title></title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
 
</head>
 
<body>
 
	<div id="log">
<?php if ( isset( $error ) ) { echo '			<p class="error">' . $error . '</p>' . "\n";}?>
	</div>
	<div id="container" style="width:230px;">
 
		<form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
 
			<input type="hidden" name="_submit_check" value="1"/> 
		
			<div style="margin-top:12px; margin-bottom:10px">
				<img src="images/username.gif" alt="username" border="0" />
				<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
			</div>
			<div style="margin-bottom:6px">
				<img src="images/password.gif" alt="password" border="0" />
				<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
			</div>
			<?php if ( ALLOW_REMEMBER_ME ):?>
			<div style="margin-bottom:6px">
				<input type="checkbox" name="remember" id="remember" />
				<label for="remember">Remember me</label>
			</div>
			<?php endif;?>
			<input type="image" name="Login" value="Login"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
			<br class="clear" />
			<a href="register.php">Register</a> / <a href="forgot_password.php">Password recovery?</a>
			
		</form>
		
		
	</div>
	
</body>
 
</html>

Open in new window

0
sandbuddAuthor Commented:
members.php
<?php
session_start();
error_reporting(E_ALL);
 
require_once('settings.php');
checkLogin('1 2');
 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title></title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
</head>
 
<body>
 
	<div id="container" style="text-align:center;width:230px;">
 
<?php
	echo 'Hello <em><b><u>' . get_username ( $_SESSION['user_id'] ) . '</u></b></em>!<br />You are now logged in.<br /><br /><a href="update_profile.php" title="update your profile">Click here</a> to update your profile.';
	
	/* we show the manage users link only if the logged in member has admin rights */
	if ( isadmin ( $_SESSION['user_id'] ) ):
?>
	<br /><br />
	It seems that you're an admin. You may <a href="manage_users.php" title="manage users">manage users</a> or <a href="admin_settings.php" title="edit site settings">edit site settings</a>.
<?php
	endif;
?>
	<br /><br />
	
	<a href="logout.php">logout</a>
		
	</div>
	
</body>
 
</html>

Open in new window

0
sandbuddAuthor Commented:
connection.php
<?
 
	define("EZSQL_VERSION","1.01");
	define("OBJECT","OBJECT",true);
	define("ARRAY_A","ARRAY_A",true);
	define("ARRAY_N","ARRAY_N",true);
 
	// ==================================================================
	//	The Main Class
	
	class db {
	
		// ==================================================================
		//	DB Constructor - connects to the server and selects a database
		
		function db($dbuser, $dbpassword, $dbname, $dbhost)
		{
	
			$this->dbh = @mysql_connect($dbhost,$dbuser,$dbpassword);
			
			if ( ! $this->dbh )
			{
				$this->print_error("<ol><b>Error establishing a database connection!</b><li>Are you sure you have the correct user/password?<li>Are you sure that you have typed the correct hostname?<li>Are you sure that the database server is running?</ol>");
			}
			
				
			$this->select($dbname);
		
		}
		
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
	
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
	
		// ==================================================================
		//	Basic Query	- see docs for more detail
		
		function query($query, $output = OBJECT) 
		{
			
			// Log how the function was called
			$this->func_call = "\$db->query(\"$query\", $output)";		
			
			// Kill this
			$this->last_result = null;
			$this->col_info = null;
	
			// Keep track of the last query for debug..
			$this->last_query = $query;
			
			// Perform the query via std mysql_query function..
			$this->result = mysql_query($query,$this->dbh);
	
			if ( mysql_error() ) 
			{				
				// If there is an error then take note of it..
				$this->print_error();
				return FALSE;	
			}
			else {
	
				// In other words if this was a select statement..
				if ( $this->result )
				{
	
					// =======================================================
					// Take note of column info
					
					$i=0;
					while ($i < @mysql_num_fields($this->result))
					{
						$this->col_info[$i] = @mysql_fetch_field($this->result);
						$i++;
					}
	
					// =======================================================				
					// Store Query Results
					
					$i=0;
					while ( $row = @mysql_fetch_object($this->result) )
					{ 
	
						// Store relults as an objects within main array
						$this->last_result[$i] = $row;
						
						$i++;
					}
					
					@mysql_free_result($this->result);
				}
				
				return TRUE;
	
			}
		}
		
		// ==================================================================
		//
		
		function RecordCount ( $query )
		{
			return mysql_num_rows ( mysql_query ( $query ) );
		}
		
		// ==================================================================
		//
		
		function Mresult ( $query, $a, $b )
		{
			return mysql_result ( mysql_query ( $query ), $a, $b );
		}
		
		/**
		 * Correctly quotes a string so that all strings are escape coded.
		 * 
		 * @param string			the string to quote
		 * @param [magic_quotes]	if $s is GET/POST var, set to get_magic_quotes_gpc().
		 */
 
		function qstr ( $string, $magic_quotes = false )
		{
			if (!$magic_quotes) {
				if (strnatcmp(PHP_VERSION, '4.3.0') >= 0) {
					return "'" . mysql_real_escape_string($string) . "'";
				}
				$string = str_replace("'", "\\'" , str_replace('\\', '\\\\', str_replace("\0", "\\\0", $string)));
				return  "'" . $string . "'"; 
			}
			return "'" . str_replace('\\"', '"', $string) . "'";
		}
	
		// ==================================================================
		//	Get one variable from the DB - see docs for more detail
		
		function get_var($query=null,$x=0,$y=0)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_var(\"$query\",$x,$y)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract var out of cached results based x,y vals
			if ( $this->last_result[$y] )
			{
				$values = array_values(get_object_vars($this->last_result[$y]));
			}
			
			// If there is a value return it else return null
			return $values[$x]?$values[$x]:null;
		}
	
		// ==================================================================
		//	Get one row from the DB - see docs for more detail
		
		function getRow($query=null,$y=0,$output=OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->getRow(\"$query\",$y,$output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
	
			// If the output is an object then return object using the row offset..
			if ( $output == OBJECT )
			{
				return $this->last_result[$y]?$this->last_result[$y]:null;
			}
			// If the output is an associative array then return row as such..
			elseif ( $output == ARRAY_A )
			{
				return $this->last_result[$y]?get_object_vars($this->last_result[$y]):null;	
			}
			// If the output is an numerical array then return row as such..
			elseif ( $output == ARRAY_N )
			{
				return $this->last_result[$y]?array_values(get_object_vars($this->last_result[$y])):null;
			}
			// If invalid output type was specified..
			else
			{
				$this->print_error(" \$db->getRow(string query,int offset,output type) -- Output type must be one of: OBJECT, ARRAY_A, ARRAY_N ");	
			}
	
		}
	
		// ==================================================================
		//	Function to get 1 column from the cached result set based in X index
		// se docs for usage and info
	
		function get_col($query=null,$x=0)
		{
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract the column values
			for ( $i=0; $i < count($this->last_result); $i++ )
			{
				$new_array[$i] = $this->get_var(null,$x,$i);
			}
			
			return $new_array;
		}
	
		// ==================================================================
		// Return the the query as a result set - see docs for more details
		
		function get_results($query=null, $output = OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_results(\"$query\", $output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}		
	
			// Send back array of objects. Each row is an object		
			if ( $output == OBJECT )
			{
				return $this->last_result; 
			}
			elseif ( $output == ARRAY_A || $output == ARRAY_N )
			{
				if ( $this->last_result )
				{
					$i=0;
					foreach( $this->last_result as $row )
					{
						
						$new_array[$i] = get_object_vars($row);
						
						if ( $output == ARRAY_N )
						{
							$new_array[$i] = array_values($new_array[$i]);
						}
	
						$i++;
					}
				
					return $new_array;
				}
				else
				{
					return null;	
				}
			}
		}
	
	
		// ==================================================================
		// Function to get column meta data info pertaining to the last query
		// see docs for more info and usage
		
		function get_col_info($info_type="name",$col_offset=-1)
		{
	
			if ( $this->col_info )
			{
				if ( $col_offset == -1 )
				{
					$i=0;
					foreach($this->col_info as $col )
					{
						$new_array[$i] = $col->{$info_type};
						$i++;
					}
					return $new_array;
				}
				else
				{
					return $this->col_info[$col_offset]->{$info_type};
				}
			
			}
			
		}
	
	
		// ==================================================================
		// Dumps the contents of any input variable to screen in a nicely
		// formatted and easy to understand way - any type: Object, Var or Array
	
		function vardump($mixed)
		{
 
			echo "<blockquote><font color=000090>";
			echo "<pre><font face=arial>";
			
			if ( ! $this->vardump_called )
			{
				echo "<font color=800080><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Variable Dump..</b></font>\n\n";
			}
	
			print_r($mixed);	
			echo "\n\n<b>Last Query:</b> ".($this->last_query?$this->last_query:"NULL")."\n";
			echo "<b>Last Function Call:</b> " . ($this->func_call?$this->func_call:"None")."\n";
			echo "<b>Last Rows Returned:</b> ".count($this->last_result)."\n";
			echo "</font></pre></font></blockquote>";
			echo "\n<hr size=1 noshade color=dddddd>";
			
			$this->vardump_called = true;
 
		}
	
		// Alias for the above function	
		function dumpvars($mixed)
		{
			$this->vardump($mixed);	
		}
	
		// ==================================================================
		// Displays the last query string that was sent to the database & a 
		// table listing results (if there were any). 
		// (abstracted into a seperate file to save server overhead).
		
		function debug()
		{
			
			echo "<blockquote>";
	
			// Only show ezSQL credits once..
			if ( ! $this->debug_called )
			{
				echo "<font color=800080 face=arial size=2><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Debug..</b></font><p>\n";
			}
			echo "<font face=arial size=2 color=000099><b>Query --</b> ";
			echo "[<font color=000000><b>$this->last_query</b></font>]</font><p>";
	
				echo "<font face=arial size=2 color=000099><b>Query Result..</b></font>";
				echo "<blockquote>";
				
			if ( $this->col_info )
			{
				
				// =====================================================
				// Results top rows
				
				echo "<table cellpadding=5 cellspacing=1 bgcolor=555555>";
				echo "<tr bgcolor=eeeeee><td nowrap valign=bottom><font color=555599 face=arial size=2><b>(row)</b></font></td>";
	
	
				for ( $i=0; $i < count($this->col_info); $i++ )
				{
					echo "<td nowrap align=left valign=top><font size=1 color=555599 face=arial>{$this->col_info[$i]->type} {$this->col_info[$i]->max_length}<br><font size=2><b>{$this->col_info[$i]->name}</b></font></td>";
				}
	
				echo "</tr>";
	
				// ======================================================
				// print main results
	
			if ( $this->last_result )
			{
	
				$i=0;
				foreach ( $this->get_results(null,ARRAY_N) as $one_row )
				{
					$i++;
					echo "<tr bgcolor=ffffff><td bgcolor=eeeeee nowrap align=middle><font size=2 color=555599 face=arial>$i</font></td>";
	
					foreach ( $one_row as $item )
					{
						echo "<td nowrap><font face=arial size=2>$item</font></td>";	
					}
	
					echo "</tr>";				
				}
	
			} // if last result
			else
			{
				echo "<tr bgcolor=ffffff><td colspan=".(count($this->col_info)+1)."><font face=arial size=2>No Results</font></td></tr>";			
			}
	
			echo "</table>";		
	
			} // if col_info
			else
			{
				echo "<font face=arial size=2>No Results</font>";			
			}
			
			echo "</blockquote></blockquote><hr noshade color=dddddd size=1>";
			
			
			$this->debug_called = true;
		}
	
	
	}
 
?>

Open in new window

0
sandbuddAuthor Commented:
functions.php
<?php
 
 
 
	function checkLogin ( $levels )
	{
		
		global $db;
		$kt = split ( ' ', $levels );
		
		if ( ! $_SESSION['logged_in'] ) {
		
			$access = FALSE;
			
			if ( isset ( $_COOKIE['cookie_id'] ) ) {//if we have a cookie
			
				$query =  'SELECT * FROM ' . DBPREFIX . 'users WHERE ID = ' . $db->qstr ( $_COOKIE['cookie_id'] );
 
				if ( $db->RecordCount ( $query ) == 1 ) {//only one user can match that query
					$row = $db->getRow ( $query );
					
					//let's see if we pass the validation, no monkey business
					if ( $_COOKIE['authenticate'] == md5 ( getIP () . $row->Password . $_SERVER['USER_AGENT'] ) ) {
						//we set the sessions so we don't repeat this step over and over again
						$_SESSION['user_id'] = $row->ID;				
						$_SESSION['logged_in'] = TRUE;
						
						//now we check the level access, we might not have the permission
						if ( in_array ( get_level_access ( $_SESSION['user_id'] ), $kt ) ) {
							//we do?! horray!
							$access = TRUE;
						}
					}
				}
			}
		}
		else {			
			$access = FALSE;
			
			if ( in_array ( get_level_access ( $_SESSION['user_id'] ), $kt ) ) {
				$access = TRUE;
			}
		}
		
		if ( $access == FALSE ) {
			header ( "Location: " . REDIRECT_TO_LOGIN );
		}		
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * get_level_access
	 *
	 * Returns the level access of a given user
	 *
	 * @param	string
	 * @access	public
	 * @return 	string
	 */
	
	function get_level_access ( $user_id )
	{
		global $db;
		$row = $db->getRow ( 'SELECT Level_access FROM ' . DBPREFIX . 'users WHERE ID = ' . $db->qstr ( $user_id ) );
		return $row->Level_access;
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * logout
	 *
	 * Handles logouts
	 *
	 * @param	none
	 * @access	public
	 */
	
	function logout ()
	{
		//session must be started before anything
		session_start ();
	
		//if we have a valid session
		if ( $_SESSION['logged_in'] == TRUE )
		{	
			//unset the sessions (all of them - array given)
			unset ( $_SESSION ); 
			//destroy what's left
			session_destroy (); 
		}
		
		//It is safest to set the cookies with a date that has already expired.
		if ( isset ( $_COOKIE['cookie_id'] ) && isset ( $_COOKIE['authenticate'] ) ) {
			/**
			 * uncomment the following line if you wish to remove all cookies 
			 * (don't forget to comment ore delete the following 2 lines if you decide to use clear_cookies)
			 */
			//clear_cookies ();
			setcookie ( "cookie_id", '', time() - KEEP_LOGGED_IN_FOR, COOKIE_PATH );
			setcookie ( "authenticate", '', time() - KEEP_LOGGED_IN_FOR, COOKIE_PATH );
		}
		
		//redirect the user to the default "logout" page
		header ( "Location: " . REDIRECT_ON_LOGOUT );
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * clear_cookies
	 *
	 * Clears the cookies
	 * Not used by default but present if needed
	 *
	 * @param	none
	 * @access	public
	 */
	
	function clear_cookies ()
	{
		// unset cookies
		if ( isset( $_SERVER['HTTP_COOKIE'] ) ) {
			$cookies = explode ( ';', $_SERVER['HTTP_COOKIE'] );
			//loop through the array of cookies and set them in the past
			foreach ( $cookies as $cookie ) {
				$parts = explode ( '=', $cookie );
				$name = trim ( $parts [ 0 ] );
				setcookie ( $name, '', time() - KEEP_LOGGED_IN_FOR );
				setcookie ( $name, '', time() - KEEP_LOGGED_IN_FOR, '/' );
			}
		}
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * set_login_sessions - sets the login sessions
	 *
	 * @access	public
	 * @param	string
	 * @return	none
	 */
	
	function set_login_sessions ( $user_id, $password, $remember )
	{
		//start the session
		session_start();
		
		//set the sessions
		$_SESSION['user_id'] = $user_id;
		$_SESSION['logged_in'] = TRUE;
		
		//do we have "remember me"?
		if ( $remember ) {
			setcookie ( "cookie_id", $user_id, time() + KEEP_LOGGED_IN_FOR, COOKIE_PATH );
			setcookie ( "authenticate", md5 ( getIP () . $password . $_SERVER['USER_AGENT'] ), time() + KEEP_LOGGED_IN_FOR, COOKIE_PATH );
		}
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * Validate if email
	 *
	 * Determines if the passed param is a valid email
	 *
	 * @access	public
	 * @param	string
	 * @return	bool
	 */
	
	function valid_email ( $str )
	{
		return ( ! preg_match ( "/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str ) ) ? FALSE : TRUE;
	}
 
	// ------------------------------------------------------------------------
	
	/**
	 * Check unique
	 *
	 * Performs a check to determine if one parameter is unique in the database
	 *
	 * @access	public
	 * @param	string
	 * @param	string
	 * @return	bool
	 */
 
 
	function checkUnique ( $field, $compared )
	{
		global $db;
 
		$query = $db->getRow ( "SELECT COUNT(*) as total FROM `" . DBPREFIX . "users` WHERE " . $field . " = " . $db->qstr ( $compared ) );
 
		if ( $query->total == 0 ) {
			return TRUE;
		}
		else {
			return FALSE;
		}
	}
 
	// ------------------------------------------------------------------------
	
	/**
	 * Validate if numeric
	 *
	 * Validates string against numeric characters
	 *
	 * @access	public
	 * @param	string
	 * @return	bool
	 */
 
 
	function numeric ( $str )
	{
		return ( ! ereg ( "^[0-9\.]+$", $str ) ) ? FALSE : TRUE;
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * Validate if alfa numeric
	 *
	 * Validates string against alpha numeric characters
	 *
	 * @access	public
	 * @param	string
	 * @return	bool
	 */
 
	function alpha_numeric ( $str )
	{
		return ( ! preg_match ( "/^([-a-z0-9])+$/i", $str ) ) ? FALSE : TRUE;
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * Create a Random String
	 *
	 * Useful for generating passwords or hashes.
	 *
	 * @access	public
	 * @param	string 	type of random string.  Options: alunum, numeric, nozero, unique
	 * @param	none
	 * @return	string
	 */
	 
	 
	function random_string ( $type = 'alnum', $len = 8 )
	{					
		switch ( $type )
		{
			case 'alnum'	:
			case 'numeric'	:
			case 'nozero'	:
			
					switch ($type)
					{
						case 'alnum'	:	$pool = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
							break;
						case 'numeric'	:	$pool = '0123456789';
							break;
						case 'nozero'	:	$pool = '123456789';
							break;
					}
	
					$str = '';
					for ( $i=0; $i < $len; $i++ )
					{
						$str .= substr ( $pool, mt_rand ( 0, strlen ( $pool ) -1 ), 1 );
					}
					return $str;
			break;
			case 'unique' : return md5 ( uniqid ( mt_rand () ) );
			break;
		}
	}
 
	// ------------------------------------------------------------------------
	
	/**
	 * Get username - Returns the username of the logged in member based on session ID
	 *
	 * @access	public
	 * @param	string
	 * @return	string/bool
	 */
	 
	 
	function get_username ( $id )
	{
		global $db;
		
		$query = "SELECT `Username` FROM `" . DBPREFIX . "users` WHERE `ID` = " . $db->qstr ( $id );
		
		if ( $db->RecordCount ( $query ) == 1 )
		{
			$row = $db->getRow ( $query );
			
			return $row->Username;
		}
		else {
			return FALSE;
		}
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * Is admin - Determines if the logged in member is an admin
	 *
	 * @access	public
	 * @param	string
	 * @return	bool
	 */
	 
	
	function isadmin ( $id )
	{
		global $db;
		
		$query = "SELECT `Level_access` FROM `" . DBPREFIX . "users` WHERE `ID` = " . $db->qstr ( $id );
		
		if ( $db->RecordCount ( $query ) == 1 )
		{
			$row = $db->getRow ( $query );
			
			if ( $row->Level_access == 1 )
			{
				return TRUE;
			}
			else {
				return FALSE;
			}
		}
		else {
			return FALSE;
		}
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * html2txt - converts html to text
	 *
	 * @access	public
	 * @param	string
	 * @return	string
	 */
	 
	function html2txt ( $document )
	{
		$search = array("'<script[^>]*?>.*?</script>'si",	// strip out javascript
				"'<[\/\!]*?[^<>]*?>'si",		// strip out html tags
				"'([\r\n])[\s]+'",			// strip out white space
				"'@<![\s\S]*?[ \t\n\r]*>@'",
				"'&(quot|#34|#034|#x22);'i",		// replace html entities
				"'&(amp|#38|#038|#x26);'i",		// added hexadecimal values
				"'&(lt|#60|#060|#x3c);'i",
				"'&(gt|#62|#062|#x3e);'i",
				"'&(nbsp|#160|#xa0);'i",
				"'&(iexcl|#161);'i",
				"'&(cent|#162);'i",
				"'&(pound|#163);'i",
				"'&(copy|#169);'i",
				"'&(reg|#174);'i",
				"'&(deg|#176);'i",
				"'&(#39|#039|#x27);'",
				"'&(euro|#8364);'i",			// europe
				"'&a(uml|UML);'",			// german
				"'&o(uml|UML);'",
				"'&u(uml|UML);'",
				"'&A(uml|UML);'",
				"'&O(uml|UML);'",
				"'&U(uml|UML);'",
				"'&szlig;'i",
				);
		$replace = array(	"",
					"",
					" ",
					"\"",
					"&",
					"<",
					">",
					" ",
					chr(161),
					chr(162),
					chr(163),
					chr(169),
					chr(174),
					chr(176),
					chr(39),
					chr(128),
					"ä",
					"ö",
					"ü",
					"Ä",
					"Ö",
					"Ü",
					"ß",
				);
 
		$text = preg_replace($search,$replace,$document);
 
		return trim ( $text );
	}
	
	// ------------------------------------------------------------------------
	
	/**
	 * send_email - Handles all emailing from one place
	 *
	 * @access	public
	 * @param	string
	 * @return	bool TRUE/FALSE
	 */
	 
	function send_email ( $subject, $to, $body )
	{
		require ( BASE_PATH . "/lib/phpmailer/class.phpmailer.php" );
		
		$mail = new PHPMailer();
		
		//do we use SMTP?
		if ( USE_SMTP ) {
			$mail->IsSMTP();
			$mail->SMTPAuth = true;
			$mail->Host = SMTP_HOST;
			$mail->Port = SMTP_PORT;
			$mail->Password = SMTP_PASS;
			$mail->Username = SMTP_USER;
		}
 
		$mail->From = ADMIN_EMAIL;
		$mail->FromName = DOMAIN_NAME;
		$mail->AddAddress( $to );
		$mail->AddReplyTo ( ADMIN_EMAIL, DOMAIN_NAME );
		$mail->Subject = $subject;
		$mail->Body = $body;
		$mail->WordWrap = 100;
		$mail->IsHTML ( MAIL_IS_HTML );
		$mail->AltBody  =  html2txt ( $body );
 
		if ( ! $mail->Send() ) {
			if ( RUN_ON_DEVELOPMENT ) {
				echo $mail->ErrorInfo;//spit that bug out :P
			}
			return FALSE;
		}
		else {
			return TRUE;
		}
	}
	
	/**
	 * ip_first - let's get a clean ip
	 *
	 * @access	public
	 * @param	string
	 * @return	string
	 */
 
	function ip_first ( $ips ) 
	{
		if ( ( $pos = strpos ( $ips, ',' ) ) != false ) {
			return substr ( $ips, 0, $pos );
		} 
		else {
			return $ips;
		}
	}
	
	/**
	 * ip_valid - will try to determine if a given ip is valid or not
	 *
	 * @access	public
	 * @param	string
	 * @return	bool
	 */
 
	function ip_valid ( $ips )
	{
		if ( isset( $ips ) ) {
			$ip    = ip_first ( $ips );
			$ipnum = ip2long ( $ip );
			if ( $ipnum !== -1 && $ipnum !== false && ( long2ip ( $ipnum ) === $ip ) ) {
				if ( ( $ipnum < 167772160   || $ipnum > 184549375 ) && // Not in 10.0.0.0/8
				( $ipnum < - 1408237568 || $ipnum > - 1407188993 ) && // Not in 172.16.0.0/12
				( $ipnum < - 1062731776 || $ipnum > - 1062666241 ) )   // Not in 192.168.0.0/16
				return true;
			}
		}
		return false;
	}
	
	/**
	 * getIP - returns the IP of the visitor
	 *
	 * @access	public
	 * @param	none
	 * @return	string
	 */
 
	function getIP () 
	{
		$check = array(
				'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_FORWARDED_FOR',
				'HTTP_FORWARDED', 'HTTP_VIA', 'HTTP_X_COMING_FROM', 'HTTP_COMING_FROM',
				'HTTP_CLIENT_IP'
				);
 
		foreach ( $check as $c ) {
			if ( ip_valid ( &$_SERVER [ $c ] ) ) {
				return ip_first ( $_SERVER [ $c ] );
			}
		}
 
		return $_SERVER['REMOTE_ADDR'];
	}
	
	/**
	 * powered_by - let's thank the man for losing nights so I can play with such tools
	 *
	 * @access	public
	 * @param	none
	 * @return	string
	 */
	
	function powered_by ()
	{
		$out = '';
 
		$out .= '<div align="right" class="powered">' . "\n";
		$out .= '			Powered by ' . "\n";
		$out .= '			<a href="http://www.roscripts.com" title="roscripts - Programming articles, tutorials and scripts" target="_blank">' . "\n";
		$out .= '				roScripts' . "\n";
		$out .= '			</a>' . "\n";
		$out .= '		</div>' . "\n";
		
		return $out;
	}
	
	/**
	 * sanitize - a real sanitizer
	 *
	 * @access	public
	 * @param	none
	 * @return	string
	 */
	 
	function sanitize ( $var, $santype = 3 )
	{
		if ( $santype == 1 ) {
			return strip_tags ( $var );
		}
		if ( $santype == 2 ) {
			return htmlentities ( strip_tags ( $var ), ENT_QUOTES, 'UTF-8' );
		}
		if ( $santype == 3 ) {
			if ( ! get_magic_quotes_gpc () ) {
				return addslashes ( htmlentities ( strip_tags ( $var ), ENT_QUOTES, 'UTF-8' ) );
			}
			else {
			   return htmlentities ( strip_tags ( $var ), ENT_QUOTES, 'UTF-8' );
			}
		}
	}
?>

Open in new window

0
sandbuddAuthor Commented:
settings.php
<?php
require ( 'lib/connection.php' );			
define ( "HOSTNAME", "" );			// - hostname - nedded to access the database
define ( "DATABASE", "" );				// - database name - the name of your mysql database
define ( "DBUSER", "" );				// - database user - what user should we use to access the database
define ( "DBPASS", "" );			// - database password - what password should we use to access the database
define ( "DBPREFIX", "" );				// - db prefix - would you like to use a prefix for your table?
define ( "APPLICATION_URL", "http://www.sandbudd.com/login/" );// - app. url - the url that points to our application ( ! with trailing slash )
define ( "APPLICATION_FOLDER", "login" );		// - do we have a folder where we store our scripts? ( ! no slashes )
define ( "REDIRECT_TO_LOGIN", "login.php" );		// - where should we redirect visitors if the access is restricted?
define ( "REDIRECT_AFTER_LOGIN", "members.php" );	// - where should we redirect members after logging in?
define ( "REDIRECT_ON_LOGOUT", "login.php" );		// - where should we redirect on logout?
define ( "ADMIN_EMAIL", "info@sandbudd.com" );	// - what email should we use to contact our members?
define ( "KEEP_LOGGED_IN_FOR", 60*60*24*100 );		// - if they chose to be remembered, how long should the cookies remain active ( default is 100 days )
define ( "COOKIE_PATH", "/" );				// - where should the cookies be active ( '/' means the whole domain. )
define ( "DOMAIN_NAME", "www.sandbuddc.com" );		// - the domain name that we use
define ( "RUN_ON_DEVELOPMENT", TRUE );			// - TRUE if you wish to see the nasty errors for debugging, FALSE to hide them
define ( "REDIRECT_AFTER_CONFIRMATION", TRUE );		// - TRUE if you want to redirect your users to the members page after they confirm their membership
define ( "ALLOW_USERNAME_CHANGE", FALSE );		// - do we let our members update their usernames as well? ( FALSE stands for no )
define ( "ALLOW_REMEMBER_ME", TRUE );			// - do we let our members use the "remember me" feature
 
 
/*
|---------------------------------------------------------------
| EMAILING VARIABLES
|---------------------------------------------------------------
|
| Emailing variables needed by phpmailer
|
*/
define ( "USE_SMTP", FALSE );				// - do you want to use SMTP to send out emails? TRUE or FALSE ( mail() will be used )
define ( "SMTP_PORT", "" );				// - what port should we use for smtp ( only needed if SMTP is set to TRUE )
define ( "SMTP_HOST", "" );		// - what host should we use for smtp ( only needed if SMTP is set to TRUE )
define ( "SMTP_USER", "" );		// - what user should we use for smtp ( only needed if SMTP is set to TRUE )
define ( "SMTP_PASS", "" );		// - what password should we use for smtp (only needed if SMTP is set to TRUE)
define ( "MAIL_IS_HTML", FALSE );			// - send emails as html or text? ( TRUE for html and FALSE for text )
 
 
############################################################# DON'T EDIT BELOW THIS LINE ########################################
 
 
/*
|---------------------------------------------------------------
| SET THE SERVER PATH
|---------------------------------------------------------------
|
| Let's attempt to determine the full-server path to the "system"
| folder in order to reduce the possibility of path problems.
|
*/
if ( function_exists ( 'realpath' ) AND @realpath ( dirname (__FILE__) ) !== FALSE )
{
	define ( "BASE_PATH", str_replace ( "\\", "/", realpath ( dirname(__FILE__) ) ) . '/' );
}
 
 
//how do we handle errors
error_reporting ( ( RUN_ON_DEVELOPMENT ) ? E_ALL : E_WARNING );
if ( file_exists ( BASE_PATH . 'install.php' ) )
{
	die ( "Please delete install.php from your server before continuing!" );
}
 
 
$db = new db ( DBUSER, DBPASS, DATABASE, HOSTNAME );	// - and away we go
?>

Open in new window

0
sandbuddAuthor Commented:
will wait for your suggestion
0
sandbuddAuthor Commented:
still around?
0
nplibCommented:
yes, give me sometime.
0
sandbuddAuthor Commented:
kk
0
nplibCommented:
first of all, I've seen this code before, it's from WordPress.

Second, what happened to
require ( 'functions.php' );
from the settings.php, why was it removed?

from connections.php
$this->dbh is trying to set a variable that was never initalize.

Order of functions matter, your calling functions before they are declared.

$this->select($dbname);

is called before the function is even declared.

you need to reorder your db class functions. Order them so they call functions after they are declared.

you should also have

      class db {
      
            // ==================================================================
            //      DB Constructor - connects to the server and selects a database
            
                public $dbh; //declaring the dbh variable
            function db($dbuser, $dbpassword, $dbname, $dbhost)
            {
0
sandbuddAuthor Commented:
don't know why it was removed and I readded it... I am a novice at this and do not understand what I need to do?  If you could give me an example that I can look at would appreciate it.
0
sandbuddAuthor Commented:
I did it just like your example and am back to a blank page?
0
nplibCommented:
show me your new connection.php page
0
sandbuddAuthor Commented:
connections.php
<?
 
	
	define("EZSQL_VERSION","1.01");
	define("OBJECT","OBJECT",true);
	define("ARRAY_A","ARRAY_A",true);
	define("ARRAY_N","ARRAY_N",true);
 
	// ==================================================================
	//	The Main Class
	
	class db {
	
		// ==================================================================
		//	DB Constructor - connects to the server and selects a database
		public $dbh; //declaring the dbh variable
		function db($dbuser, $dbpassword, $dbname, $dbhost)
		{
	
			$this->dbh = @mysql_connect($dbhost,$dbuser,$dbpassword);
			
			if ( ! $this->dbh )
			{
				$this->print_error("<ol><b>Error establishing a database connection!</b><li>Are you sure you have the correct user/password?<li>Are you sure that you have typed the correct hostname?<li>Are you sure that the database server is running?</ol>");
			}
			
				
			$this->select($dbname);
		
		}
		
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
	
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
	
		// ==================================================================
		//	Basic Query	- see docs for more detail
		
		function query($query, $output = OBJECT) 
		{
			
			// Log how the function was called
			$this->func_call = "\$db->query(\"$query\", $output)";		
			
			// Kill this
			$this->last_result = null;
			$this->col_info = null;
	
			// Keep track of the last query for debug..
			$this->last_query = $query;
			
			// Perform the query via std mysql_query function..
			$this->result = mysql_query($query,$this->dbh);
	
			if ( mysql_error() ) 
			{				
				// If there is an error then take note of it..
				$this->print_error();
				return FALSE;	
			}
			else {
	
				// In other words if this was a select statement..
				if ( $this->result )
				{
	
					// =======================================================
					// Take note of column info
					
					$i=0;
					while ($i < @mysql_num_fields($this->result))
					{
						$this->col_info[$i] = @mysql_fetch_field($this->result);
						$i++;
					}
	
					// =======================================================				
					// Store Query Results
					
					$i=0;
					while ( $row = @mysql_fetch_object($this->result) )
					{ 
	
						// Store relults as an objects within main array
						$this->last_result[$i] = $row;
						
						$i++;
					}
					
					@mysql_free_result($this->result);
				}
				
				return TRUE;
	
			}
		}
		
		// ==================================================================
		//
		
		function RecordCount ( $query )
		{
			return mysql_num_rows ( mysql_query ( $query ) );
		}
		
		// ==================================================================
		//
		
		function Mresult ( $query, $a, $b )
		{
			return mysql_result ( mysql_query ( $query ), $a, $b );
		}
		
		/**
		 * Correctly quotes a string so that all strings are escape coded.
		 * 
		 * @param string			the string to quote
		 * @param [magic_quotes]	if $s is GET/POST var, set to get_magic_quotes_gpc().
		 */
 
		function qstr ( $string, $magic_quotes = false )
		{
			if (!$magic_quotes) {
				if (strnatcmp(PHP_VERSION, '4.3.0') >= 0) {
					return "'" . mysql_real_escape_string($string) . "'";
				}
				$string = str_replace("'", "\\'" , str_replace('\\', '\\\\', str_replace("\0", "\\\0", $string)));
				return  "'" . $string . "'"; 
			}
			return "'" . str_replace('\\"', '"', $string) . "'";
		}
	
		// ==================================================================
		//	Get one variable from the DB - see docs for more detail
		
		function get_var($query=null,$x=0,$y=0)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_var(\"$query\",$x,$y)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract var out of cached results based x,y vals
			if ( $this->last_result[$y] )
			{
				$values = array_values(get_object_vars($this->last_result[$y]));
			}
			
			// If there is a value return it else return null
			return $values[$x]?$values[$x]:null;
		}
	
		// ==================================================================
		//	Get one row from the DB - see docs for more detail
		
		function getRow($query=null,$y=0,$output=OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->getRow(\"$query\",$y,$output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
	
			// If the output is an object then return object using the row offset..
			if ( $output == OBJECT )
			{
				return $this->last_result[$y]?$this->last_result[$y]:null;
			}
			// If the output is an associative array then return row as such..
			elseif ( $output == ARRAY_A )
			{
				return $this->last_result[$y]?get_object_vars($this->last_result[$y]):null;	
			}
			// If the output is an numerical array then return row as such..
			elseif ( $output == ARRAY_N )
			{
				return $this->last_result[$y]?array_values(get_object_vars($this->last_result[$y])):null;
			}
			// If invalid output type was specified..
			else
			{
				$this->print_error(" \$db->getRow(string query,int offset,output type) -- Output type must be one of: OBJECT, ARRAY_A, ARRAY_N ");	
			}
	
		}
	
		// ==================================================================
		//	Function to get 1 column from the cached result set based in X index
		// se docs for usage and info
	
		function get_col($query=null,$x=0)
		{
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract the column values
			for ( $i=0; $i < count($this->last_result); $i++ )
			{
				$new_array[$i] = $this->get_var(null,$x,$i);
			}
			
			return $new_array;
		}
	
		// ==================================================================
		// Return the the query as a result set - see docs for more details
		
		function get_results($query=null, $output = OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_results(\"$query\", $output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}		
	
			// Send back array of objects. Each row is an object		
			if ( $output == OBJECT )
			{
				return $this->last_result; 
			}
			elseif ( $output == ARRAY_A || $output == ARRAY_N )
			{
				if ( $this->last_result )
				{
					$i=0;
					foreach( $this->last_result as $row )
					{
						
						$new_array[$i] = get_object_vars($row);
						
						if ( $output == ARRAY_N )
						{
							$new_array[$i] = array_values($new_array[$i]);
						}
	
						$i++;
					}
				
					return $new_array;
				}
				else
				{
					return null;	
				}
			}
		}
	
	
		// ==================================================================
		// Function to get column meta data info pertaining to the last query
		// see docs for more info and usage
		
		function get_col_info($info_type="name",$col_offset=-1)
		{
	
			if ( $this->col_info )
			{
				if ( $col_offset == -1 )
				{
					$i=0;
					foreach($this->col_info as $col )
					{
						$new_array[$i] = $col->{$info_type};
						$i++;
					}
					return $new_array;
				}
				else
				{
					return $this->col_info[$col_offset]->{$info_type};
				}
			
			}
			
		}
	
	
		// ==================================================================
		// Dumps the contents of any input variable to screen in a nicely
		// formatted and easy to understand way - any type: Object, Var or Array
	
		function vardump($mixed)
		{
 
			echo "<blockquote><font color=000090>";
			echo "<pre><font face=arial>";
			
			if ( ! $this->vardump_called )
			{
				echo "<font color=800080><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Variable Dump..</b></font>\n\n";
			}
	
			print_r($mixed);	
			echo "\n\n<b>Last Query:</b> ".($this->last_query?$this->last_query:"NULL")."\n";
			echo "<b>Last Function Call:</b> " . ($this->func_call?$this->func_call:"None")."\n";
			echo "<b>Last Rows Returned:</b> ".count($this->last_result)."\n";
			echo "</font></pre></font></blockquote>";
			echo "\n<hr size=1 noshade color=dddddd>";
			
			$this->vardump_called = true;
 
		}
	
		// Alias for the above function	
		function dumpvars($mixed)
		{
			$this->vardump($mixed);	
		}
	
		// ==================================================================
		// Displays the last query string that was sent to the database & a 
		// table listing results (if there were any). 
		// (abstracted into a seperate file to save server overhead).
		
		function debug()
		{
			
			echo "<blockquote>";
	
			// Only show ezSQL credits once..
			if ( ! $this->debug_called )
			{
				echo "<font color=800080 face=arial size=2><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Debug..</b></font><p>\n";
			}
			echo "<font face=arial size=2 color=000099><b>Query --</b> ";
			echo "[<font color=000000><b>$this->last_query</b></font>]</font><p>";
	
				echo "<font face=arial size=2 color=000099><b>Query Result..</b></font>";
				echo "<blockquote>";
				
			if ( $this->col_info )
			{
				
				// =====================================================
				// Results top rows
				
				echo "<table cellpadding=5 cellspacing=1 bgcolor=555555>";
				echo "<tr bgcolor=eeeeee><td nowrap valign=bottom><font color=555599 face=arial size=2><b>(row)</b></font></td>";
	
	
				for ( $i=0; $i < count($this->col_info); $i++ )
				{
					echo "<td nowrap align=left valign=top><font size=1 color=555599 face=arial>{$this->col_info[$i]->type} {$this->col_info[$i]->max_length}<br><font size=2><b>{$this->col_info[$i]->name}</b></font></td>";
				}
	
				echo "</tr>";
	
				// ======================================================
				// print main results
	
			if ( $this->last_result )
			{
	
				$i=0;
				foreach ( $this->get_results(null,ARRAY_N) as $one_row )
				{
					$i++;
					echo "<tr bgcolor=ffffff><td bgcolor=eeeeee nowrap align=middle><font size=2 color=555599 face=arial>$i</font></td>";
	
					foreach ( $one_row as $item )
					{
						echo "<td nowrap><font face=arial size=2>$item</font></td>";	
					}
	
					echo "</tr>";				
				}
	
			} // if last result
			else
			{
				echo "<tr bgcolor=ffffff><td colspan=".(count($this->col_info)+1)."><font face=arial size=2>No Results</font></td></tr>";			
			}
	
			echo "</table>";		
	
			} // if col_info
			else
			{
				echo "<font face=arial size=2>No Results</font>";			
			}
			
			echo "</blockquote></blockquote><hr noshade color=dddddd size=1>";
			
			
			$this->debug_called = true;
		}
	
	
	}
 
?>

Open in new window

0
nplibCommented:
ok, you didn't reorder you class functions..

Your first function is db(),

but in the function you call print_error() and select(), but you call them before the are even written.
you need to reorder you whole class, so that it doesn't call a function before the function even exists.

for example,


<?
 
	
	define("EZSQL_VERSION","1.01");
	define("OBJECT","OBJECT",true);
	define("ARRAY_A","ARRAY_A",true);
	define("ARRAY_N","ARRAY_N",true);
 
	// ==================================================================
	//	The Main Class
	
	class db {
 
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
		
		// ==================================================================
		//	DB Constructor - connects to the server and selects a database
		public $dbh; //declaring the dbh variable
		function db($dbuser, $dbpassword, $dbname, $dbhost)
		{
	
			$this->dbh = @mysql_connect($dbhost,$dbuser,$dbpassword);
			
			if ( ! $this->dbh )
			{
				$this->print_error("<ol><b>Error establishing a database connection!</b><li>Are you sure you have the correct user/password?<li>Are you sure that you have typed the correct hostname?<li>Are you sure that the database server is running?</ol>");
			}
			
				
			$this->select($dbname);
		
		}
.......................................etc		

Open in new window

0
sandbuddAuthor Commented:
Im still getting a blank page?
<?
 
	
	define("EZSQL_VERSION","1.01");
	define("OBJECT","OBJECT",true);
	define("ARRAY_A","ARRAY_A",true);
	define("ARRAY_N","ARRAY_N",true);
 
	// ==================================================================
	//	The Main Class
	
	class db {
 
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
		
		// ==================================================================
		//	DB Constructor - connects to the server and selects a database
		public $dbh; //declaring the dbh variable
		function db($dbuser, $dbpassword, $dbname, $dbhost)
		{
	
			$this->dbh = @mysql_connect($dbhost,$dbuser,$dbpassword);
			
			if ( ! $this->dbh )
			{
				$this->print_error("<ol><b>Error establishing a database connection!</b><li>Are you sure you have the correct user/password?<li>Are you sure that you have typed the correct hostname?<li>Are you sure that the database server is running?</ol>");
			}
			
				
			$this->select($dbname);
		
		}
 
		
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
	
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
	
		// ==================================================================
		//	Basic Query	- see docs for more detail
		
		function query($query, $output = OBJECT) 
		{
			
			// Log how the function was called
			$this->func_call = "\$db->query(\"$query\", $output)";		
			
			// Kill this
			$this->last_result = null;
			$this->col_info = null;
	
			// Keep track of the last query for debug..
			$this->last_query = $query;
			
			// Perform the query via std mysql_query function..
			$this->result = mysql_query($query,$this->dbh);
	
			if ( mysql_error() ) 
			{				
				// If there is an error then take note of it..
				$this->print_error();
				return FALSE;	
			}
			else {
	
				// In other words if this was a select statement..
				if ( $this->result )
				{
	
					// =======================================================
					// Take note of column info
					
					$i=0;
					while ($i < @mysql_num_fields($this->result))
					{
						$this->col_info[$i] = @mysql_fetch_field($this->result);
						$i++;
					}
	
					// =======================================================				
					// Store Query Results
					
					$i=0;
					while ( $row = @mysql_fetch_object($this->result) )
					{ 
	
						// Store relults as an objects within main array
						$this->last_result[$i] = $row;
						
						$i++;
					}
					
					@mysql_free_result($this->result);
				}
				
				return TRUE;
	
			}
		}
		
		// ==================================================================
		//
		
		function RecordCount ( $query )
		{
			return mysql_num_rows ( mysql_query ( $query ) );
		}
		
		// ==================================================================
		//
		
		function Mresult ( $query, $a, $b )
		{
			return mysql_result ( mysql_query ( $query ), $a, $b );
		}
		
		/**
		 * Correctly quotes a string so that all strings are escape coded.
		 * 
		 * @param string			the string to quote
		 * @param [magic_quotes]	if $s is GET/POST var, set to get_magic_quotes_gpc().
		 */
 
		function qstr ( $string, $magic_quotes = false )
		{
			if (!$magic_quotes) {
				if (strnatcmp(PHP_VERSION, '4.3.0') >= 0) {
					return "'" . mysql_real_escape_string($string) . "'";
				}
				$string = str_replace("'", "\\'" , str_replace('\\', '\\\\', str_replace("\0", "\\\0", $string)));
				return  "'" . $string . "'"; 
			}
			return "'" . str_replace('\\"', '"', $string) . "'";
		}
	
		// ==================================================================
		//	Get one variable from the DB - see docs for more detail
		
		function get_var($query=null,$x=0,$y=0)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_var(\"$query\",$x,$y)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract var out of cached results based x,y vals
			if ( $this->last_result[$y] )
			{
				$values = array_values(get_object_vars($this->last_result[$y]));
			}
			
			// If there is a value return it else return null
			return $values[$x]?$values[$x]:null;
		}
	
		// ==================================================================
		//	Get one row from the DB - see docs for more detail
		
		function getRow($query=null,$y=0,$output=OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->getRow(\"$query\",$y,$output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
	
			// If the output is an object then return object using the row offset..
			if ( $output == OBJECT )
			{
				return $this->last_result[$y]?$this->last_result[$y]:null;
			}
			// If the output is an associative array then return row as such..
			elseif ( $output == ARRAY_A )
			{
				return $this->last_result[$y]?get_object_vars($this->last_result[$y]):null;	
			}
			// If the output is an numerical array then return row as such..
			elseif ( $output == ARRAY_N )
			{
				return $this->last_result[$y]?array_values(get_object_vars($this->last_result[$y])):null;
			}
			// If invalid output type was specified..
			else
			{
				$this->print_error(" \$db->getRow(string query,int offset,output type) -- Output type must be one of: OBJECT, ARRAY_A, ARRAY_N ");	
			}
	
		}
	
		// ==================================================================
		//	Function to get 1 column from the cached result set based in X index
		// se docs for usage and info
	
		function get_col($query=null,$x=0)
		{
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract the column values
			for ( $i=0; $i < count($this->last_result); $i++ )
			{
				$new_array[$i] = $this->get_var(null,$x,$i);
			}
			
			return $new_array;
		}
	
		// ==================================================================
		// Return the the query as a result set - see docs for more details
		
		function get_results($query=null, $output = OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_results(\"$query\", $output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}		
	
			// Send back array of objects. Each row is an object		
			if ( $output == OBJECT )
			{
				return $this->last_result; 
			}
			elseif ( $output == ARRAY_A || $output == ARRAY_N )
			{
				if ( $this->last_result )
				{
					$i=0;
					foreach( $this->last_result as $row )
					{
						
						$new_array[$i] = get_object_vars($row);
						
						if ( $output == ARRAY_N )
						{
							$new_array[$i] = array_values($new_array[$i]);
						}
	
						$i++;
					}
				
					return $new_array;
				}
				else
				{
					return null;	
				}
			}
		}
	
	
		// ==================================================================
		// Function to get column meta data info pertaining to the last query
		// see docs for more info and usage
		
		function get_col_info($info_type="name",$col_offset=-1)
		{
	
			if ( $this->col_info )
			{
				if ( $col_offset == -1 )
				{
					$i=0;
					foreach($this->col_info as $col )
					{
						$new_array[$i] = $col->{$info_type};
						$i++;
					}
					return $new_array;
				}
				else
				{
					return $this->col_info[$col_offset]->{$info_type};
				}
			
			}
			
		}
	
	
		// ==================================================================
		// Dumps the contents of any input variable to screen in a nicely
		// formatted and easy to understand way - any type: Object, Var or Array
	
		function vardump($mixed)
		{
 
			echo "<blockquote><font color=000090>";
			echo "<pre><font face=arial>";
			
			if ( ! $this->vardump_called )
			{
				echo "<font color=800080><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Variable Dump..</b></font>\n\n";
			}
	
			print_r($mixed);	
			echo "\n\n<b>Last Query:</b> ".($this->last_query?$this->last_query:"NULL")."\n";
			echo "<b>Last Function Call:</b> " . ($this->func_call?$this->func_call:"None")."\n";
			echo "<b>Last Rows Returned:</b> ".count($this->last_result)."\n";
			echo "</font></pre></font></blockquote>";
			echo "\n<hr size=1 noshade color=dddddd>";
			
			$this->vardump_called = true;
 
		}
	
		// Alias for the above function	
		function dumpvars($mixed)
		{
			$this->vardump($mixed);	
		}
	
		// ==================================================================
		// Displays the last query string that was sent to the database & a 
		// table listing results (if there were any). 
		// (abstracted into a seperate file to save server overhead).
		
		function debug()
		{
			
			echo "<blockquote>";
	
			// Only show ezSQL credits once..
			if ( ! $this->debug_called )
			{
				echo "<font color=800080 face=arial size=2><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Debug..</b></font><p>\n";
			}
			echo "<font face=arial size=2 color=000099><b>Query --</b> ";
			echo "[<font color=000000><b>$this->last_query</b></font>]</font><p>";
	
				echo "<font face=arial size=2 color=000099><b>Query Result..</b></font>";
				echo "<blockquote>";
				
			if ( $this->col_info )
			{
				
				// =====================================================
				// Results top rows
				
				echo "<table cellpadding=5 cellspacing=1 bgcolor=555555>";
				echo "<tr bgcolor=eeeeee><td nowrap valign=bottom><font color=555599 face=arial size=2><b>(row)</b></font></td>";
	
	
				for ( $i=0; $i < count($this->col_info); $i++ )
				{
					echo "<td nowrap align=left valign=top><font size=1 color=555599 face=arial>{$this->col_info[$i]->type} {$this->col_info[$i]->max_length}<br><font size=2><b>{$this->col_info[$i]->name}</b></font></td>";
				}
	
				echo "</tr>";
	
				// ======================================================
				// print main results
	
			if ( $this->last_result )
			{
	
				$i=0;
				foreach ( $this->get_results(null,ARRAY_N) as $one_row )
				{
					$i++;
					echo "<tr bgcolor=ffffff><td bgcolor=eeeeee nowrap align=middle><font size=2 color=555599 face=arial>$i</font></td>";
	
					foreach ( $one_row as $item )
					{
						echo "<td nowrap><font face=arial size=2>$item</font></td>";	
					}
	
					echo "</tr>";				
				}
	
			} // if last result
			else
			{
				echo "<tr bgcolor=ffffff><td colspan=".(count($this->col_info)+1)."><font face=arial size=2>No Results</font></td></tr>";			
			}
	
			echo "</table>";		
	
			} // if col_info
			else
			{
				echo "<font face=arial size=2>No Results</font>";			
			}
			
			echo "</blockquote></blockquote><hr noshade color=dddddd size=1>";
			
			
			$this->debug_called = true;
		}
	
	
	}
 
?>

Open in new window

0
NerdsOfTechTechnology ScientistCommented:
Dont forget your <?php :)
<?php
 
	
	define("EZSQL_VERSION","1.01");
	define("OBJECT","OBJECT",true);
	define("ARRAY_A","ARRAY_A",true);
	define("ARRAY_N","ARRAY_N",true);
 
	// ==================================================================
	//	The Main Class
	
	class db {
 
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
		
		// ==================================================================
		//	DB Constructor - connects to the server and selects a database
		public $dbh; //declaring the dbh variable
		function db($dbuser, $dbpassword, $dbname, $dbhost)
		{
	
			$this->dbh = @mysql_connect($dbhost,$dbuser,$dbpassword);
			
			if ( ! $this->dbh )
			{
				$this->print_error("<ol><b>Error establishing a database connection!</b><li>Are you sure you have the correct user/password?<li>Are you sure that you have typed the correct hostname?<li>Are you sure that the database server is running?</ol>");
			}
			
				
			$this->select($dbname);
		
		}
 
		
		// ==================================================================
		//	Select a DB (if another one needs to be selected)
		
		function select($db)
		{
			if ( !@mysql_select_db($db,$this->dbh))
			{
				$this->print_error("<ol><b>Error selecting database <u>$db</u>!</b><li>Are you sure it exists?<li>Are you sure there is a valid database connection?</ol>");
			}
		}
	
		// ==================================================================
		//	Print SQL/DB error.
	
		function print_error($str = "")
		{
			
			if ( !$str ) $str = mysql_error();
			
			// If there is an error then take note of it
			print "<blockquote><font face=arial size=2 color=ff0000>";
			print "<b>SQL/DB Error --</b> ";
			print "[<font color=000077>$str</font>]";
			print "</font></blockquote>";	
		}
	
		// ==================================================================
		//	Basic Query	- see docs for more detail
		
		function query($query, $output = OBJECT) 
		{
			
			// Log how the function was called
			$this->func_call = "\$db->query(\"$query\", $output)";		
			
			// Kill this
			$this->last_result = null;
			$this->col_info = null;
	
			// Keep track of the last query for debug..
			$this->last_query = $query;
			
			// Perform the query via std mysql_query function..
			$this->result = mysql_query($query,$this->dbh);
	
			if ( mysql_error() ) 
			{				
				// If there is an error then take note of it..
				$this->print_error();
				return FALSE;	
			}
			else {
	
				// In other words if this was a select statement..
				if ( $this->result )
				{
	
					// =======================================================
					// Take note of column info
					
					$i=0;
					while ($i < @mysql_num_fields($this->result))
					{
						$this->col_info[$i] = @mysql_fetch_field($this->result);
						$i++;
					}
	
					// =======================================================				
					// Store Query Results
					
					$i=0;
					while ( $row = @mysql_fetch_object($this->result) )
					{ 
	
						// Store relults as an objects within main array
						$this->last_result[$i] = $row;
						
						$i++;
					}
					
					@mysql_free_result($this->result);
				}
				
				return TRUE;
	
			}
		}
		
		// ==================================================================
		//
		
		function RecordCount ( $query )
		{
			return mysql_num_rows ( mysql_query ( $query ) );
		}
		
		// ==================================================================
		//
		
		function Mresult ( $query, $a, $b )
		{
			return mysql_result ( mysql_query ( $query ), $a, $b );
		}
		
		/**
		 * Correctly quotes a string so that all strings are escape coded.
		 * 
		 * @param string			the string to quote
		 * @param [magic_quotes]	if $s is GET/POST var, set to get_magic_quotes_gpc().
		 */
 
		function qstr ( $string, $magic_quotes = false )
		{
			if (!$magic_quotes) {
				if (strnatcmp(PHP_VERSION, '4.3.0') >= 0) {
					return "'" . mysql_real_escape_string($string) . "'";
				}
				$string = str_replace("'", "\\'" , str_replace('\\', '\\\\', str_replace("\0", "\\\0", $string)));
				return  "'" . $string . "'"; 
			}
			return "'" . str_replace('\\"', '"', $string) . "'";
		}
	
		// ==================================================================
		//	Get one variable from the DB - see docs for more detail
		
		function get_var($query=null,$x=0,$y=0)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_var(\"$query\",$x,$y)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract var out of cached results based x,y vals
			if ( $this->last_result[$y] )
			{
				$values = array_values(get_object_vars($this->last_result[$y]));
			}
			
			// If there is a value return it else return null
			return $values[$x]?$values[$x]:null;
		}
	
		// ==================================================================
		//	Get one row from the DB - see docs for more detail
		
		function getRow($query=null,$y=0,$output=OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->getRow(\"$query\",$y,$output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
	
			// If the output is an object then return object using the row offset..
			if ( $output == OBJECT )
			{
				return $this->last_result[$y]?$this->last_result[$y]:null;
			}
			// If the output is an associative array then return row as such..
			elseif ( $output == ARRAY_A )
			{
				return $this->last_result[$y]?get_object_vars($this->last_result[$y]):null;	
			}
			// If the output is an numerical array then return row as such..
			elseif ( $output == ARRAY_N )
			{
				return $this->last_result[$y]?array_values(get_object_vars($this->last_result[$y])):null;
			}
			// If invalid output type was specified..
			else
			{
				$this->print_error(" \$db->getRow(string query,int offset,output type) -- Output type must be one of: OBJECT, ARRAY_A, ARRAY_N ");	
			}
	
		}
	
		// ==================================================================
		//	Function to get 1 column from the cached result set based in X index
		// se docs for usage and info
	
		function get_col($query=null,$x=0)
		{
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}
			
			// Extract the column values
			for ( $i=0; $i < count($this->last_result); $i++ )
			{
				$new_array[$i] = $this->get_var(null,$x,$i);
			}
			
			return $new_array;
		}
	
		// ==================================================================
		// Return the the query as a result set - see docs for more details
		
		function get_results($query=null, $output = OBJECT)
		{
			
			// Log how the function was called
			$this->func_call = "\$db->get_results(\"$query\", $output)";
			
			// If there is a query then perform it if not then use cached results..
			if ( $query )
			{
				$this->query($query);
			}		
	
			// Send back array of objects. Each row is an object		
			if ( $output == OBJECT )
			{
				return $this->last_result; 
			}
			elseif ( $output == ARRAY_A || $output == ARRAY_N )
			{
				if ( $this->last_result )
				{
					$i=0;
					foreach( $this->last_result as $row )
					{
						
						$new_array[$i] = get_object_vars($row);
						
						if ( $output == ARRAY_N )
						{
							$new_array[$i] = array_values($new_array[$i]);
						}
	
						$i++;
					}
				
					return $new_array;
				}
				else
				{
					return null;	
				}
			}
		}
	
	
		// ==================================================================
		// Function to get column meta data info pertaining to the last query
		// see docs for more info and usage
		
		function get_col_info($info_type="name",$col_offset=-1)
		{
	
			if ( $this->col_info )
			{
				if ( $col_offset == -1 )
				{
					$i=0;
					foreach($this->col_info as $col )
					{
						$new_array[$i] = $col->{$info_type};
						$i++;
					}
					return $new_array;
				}
				else
				{
					return $this->col_info[$col_offset]->{$info_type};
				}
			
			}
			
		}
	
	
		// ==================================================================
		// Dumps the contents of any input variable to screen in a nicely
		// formatted and easy to understand way - any type: Object, Var or Array
	
		function vardump($mixed)
		{
 
			echo "<blockquote><font color=000090>";
			echo "<pre><font face=arial>";
			
			if ( ! $this->vardump_called )
			{
				echo "<font color=800080><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Variable Dump..</b></font>\n\n";
			}
	
			print_r($mixed);	
			echo "\n\n<b>Last Query:</b> ".($this->last_query?$this->last_query:"NULL")."\n";
			echo "<b>Last Function Call:</b> " . ($this->func_call?$this->func_call:"None")."\n";
			echo "<b>Last Rows Returned:</b> ".count($this->last_result)."\n";
			echo "</font></pre></font></blockquote>";
			echo "\n<hr size=1 noshade color=dddddd>";
			
			$this->vardump_called = true;
 
		}
	
		// Alias for the above function	
		function dumpvars($mixed)
		{
			$this->vardump($mixed);	
		}
	
		// ==================================================================
		// Displays the last query string that was sent to the database & a 
		// table listing results (if there were any). 
		// (abstracted into a seperate file to save server overhead).
		
		function debug()
		{
			
			echo "<blockquote>";
	
			// Only show ezSQL credits once..
			if ( ! $this->debug_called )
			{
				echo "<font color=800080 face=arial size=2><b>ezSQL</b> (v".EZSQL_VERSION.") <b>Debug..</b></font><p>\n";
			}
			echo "<font face=arial size=2 color=000099><b>Query --</b> ";
			echo "[<font color=000000><b>$this->last_query</b></font>]</font><p>";
	
				echo "<font face=arial size=2 color=000099><b>Query Result..</b></font>";
				echo "<blockquote>";
				
			if ( $this->col_info )
			{
				
				// =====================================================
				// Results top rows
				
				echo "<table cellpadding=5 cellspacing=1 bgcolor=555555>";
				echo "<tr bgcolor=eeeeee><td nowrap valign=bottom><font color=555599 face=arial size=2><b>(row)</b></font></td>";
	
	
				for ( $i=0; $i < count($this->col_info); $i++ )
				{
					echo "<td nowrap align=left valign=top><font size=1 color=555599 face=arial>{$this->col_info[$i]->type} {$this->col_info[$i]->max_length}<br><font size=2><b>{$this->col_info[$i]->name}</b></font></td>";
				}
	
				echo "</tr>";
	
				// ======================================================
				// print main results
	
			if ( $this->last_result )
			{
	
				$i=0;
				foreach ( $this->get_results(null,ARRAY_N) as $one_row )
				{
					$i++;
					echo "<tr bgcolor=ffffff><td bgcolor=eeeeee nowrap align=middle><font size=2 color=555599 face=arial>$i</font></td>";
	
					foreach ( $one_row as $item )
					{
						echo "<td nowrap><font face=arial size=2>$item</font></td>";	
					}
	
					echo "</tr>";				
				}
	
			} // if last result
			else
			{
				echo "<tr bgcolor=ffffff><td colspan=".(count($this->col_info)+1)."><font face=arial size=2>No Results</font></td></tr>";			
			}
	
			echo "</table>";		
	
			} // if col_info
			else
			{
				echo "<font face=arial size=2>No Results</font>";			
			}
			
			echo "</blockquote></blockquote><hr noshade color=dddddd size=1>";
			
			
			$this->debug_called = true;
		}
	
	
	}
 
?>

Open in new window

0
sandbuddAuthor Commented:
Im still getting a blank page
0
nplibCommented:
comment out each function, then uncomment, 1 function at at a time until you no get a blank page again, this will tell you which is causing your blank page, plus,

you have two select() functions.

also
you have two select() functions, which will cause problems.
0
NerdsOfTechTechnology ScientistCommented:
Logic error
REDIRECT_AFTER_LOGIN not defined

header ( "Location: " . "$PHP_SELF");

OR

define("REDIRECT_AFTER_LOGIN","$PHP_SELF"); // put this in your include or inline your script
header ( "Location: " . REDIRECT_AFTER_LOGIN );

WILL WORK

I choose the first option for speed. If you are using REDIRECT_AFTER_LOGI repeatedly in different scripts use the second option. Otherwise, here is the script:
<?php
error_reporting(E_ALL);
 
	require_once ( 'settings.php' );
 
	if ( array_key_exists ( '_submit_check', $_POST ) )
	{
		if ( $_POST['username'] != '' && $_POST['password'] != '' )
		{
			$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
			if ( $db->RecordCount ( $query ) == 1 )
			{
				$row = $db->getRow ( $query );
				if ( $row->Active == 1 )
				{
					set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
					header ( "Location: " . "$PHP_SELF");
				}
				elseif ( $row->Active == 0 ) {
					$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
				}
				elseif ( $row->Active == 2 ) {
					$error = 'You are suspended!';
				}
			}
			else {		
				$error = 'Login failed!';		
			}
		}
		else {
			$error = 'Please use both your username and password to access your account';
		}
	}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title>login</title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
 
</head>
 
<body>
 
	<div id="log">
<?php if ( isset( $error ) ) { echo '			<p class="error">' . $error . '</p>' . "\n";}?>
	</div>
	<div id="container" style="width:230px;">
 
		<form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
 
			<input type="hidden" name="_submit_check" value="1"/> 
		
			<div style="margin-top:12px; margin-bottom:10px">
				<img src="images/username.gif" alt="username" border="0" />
				<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
			</div>
			<div style="margin-bottom:6px">
				<img src="images/password.gif" alt="password" border="0" />
				<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
			</div>
			<?php if ( ALLOW_REMEMBER_ME ):?>
			<div style="margin-bottom:6px">
				<input type="checkbox" name="remember" id="remember" />
				<label for="remember">Remember me</label>
			</div>
			<?php endif;?>
			<input type="image" name="Login" value="Login"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
			<br class="clear" />
			<a href="register.php">Register</a> / <a href="forgot_password.php">Password recovery?</a>
			
		</form>
		
		
	</div>
	
</body>
 
</html>

Open in new window

0
NerdsOfTechTechnology ScientistCommented:
Logic error
REDIRECT_AFTER_LOGIN not defined

Changed LINE 18 to:
header ( "Location: " . "$PHP_SELF");

=NerdsOfTech
<?php
error_reporting(E_ALL);
 
	require_once ( 'settings.php' );
 
	if ( array_key_exists ( '_submit_check', $_POST ) )
	{
		if ( $_POST['username'] != '' && $_POST['password'] != '' )
		{
			$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );
 
			if ( $db->RecordCount ( $query ) == 1 )
			{
				$row = $db->getRow ( $query );
				if ( $row->Active == 1 )
				{
					set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
					header ( "Location: " . "$PHP_SELF");
				}
				elseif ( $row->Active == 0 ) {
					$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
				}
				elseif ( $row->Active == 2 ) {
					$error = 'You are suspended!';
				}
			}
			else {		
				$error = 'Login failed!';		
			}
		}
		else {
			$error = 'Please use both your username and password to access your account';
		}
	}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title>login</title>
	<link href="css/styles.css" rel="stylesheet" type="text/css" />
 
</head>
 
<body>
 
	<div id="log">
<?php if ( isset( $error ) ) { echo '			<p class="error">' . $error . '</p>' . "\n";}?>
	</div>
	<div id="container" style="width:230px;">
 
		<form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
 
			<input type="hidden" name="_submit_check" value="1"/> 
		
			<div style="margin-top:12px; margin-bottom:10px">
				<img src="images/username.gif" alt="username" border="0" />
				<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
			</div>
			<div style="margin-bottom:6px">
				<img src="images/password.gif" alt="password" border="0" />
				<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
			</div>
			<?php if ( ALLOW_REMEMBER_ME ):?>
			<div style="margin-bottom:6px">
				<input type="checkbox" name="remember" id="remember" />
				<label for="remember">Remember me</label>
			</div>
			<?php endif;?>
			<input type="image" name="Login" value="Login"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
			<br class="clear" />
			<a href="register.php">Register</a> / <a href="forgot_password.php">Password recovery?</a>
			
		</form>
		
		
	</div>
	
</body>
 
</html>

Open in new window

0
nplibCommented:
what are you talking about, check out the post with settings.php
0
nplibCommented:

<?php
require ( 'lib/connection.php' );			
define ( "HOSTNAME", "" );			// - hostname - nedded to access the database
define ( "DATABASE", "" );				// - database name - the name of your mysql database
define ( "DBUSER", "" );				// - database user - what user should we use to access the database
define ( "DBPASS", "" );			// - database password - what password should we use to access the database
define ( "DBPREFIX", "" );				// - db prefix - would you like to use a prefix for your table?
define ( "APPLICATION_URL", "http://www.sandbudd.com/login/" );// - app. url - the url that points to our application ( ! with trailing slash )
define ( "APPLICATION_FOLDER", "login" );		// - do we have a folder where we store our scripts? ( ! no slashes )
define ( "REDIRECT_TO_LOGIN", "login.php" );		// - where should we redirect visitors if the access is restricted?
define ( "REDIRECT_AFTER_LOGIN", "members.php" );	// - where should we redirect members after logging in?
define ( "REDIRECT_ON_LOGOUT", "login.php" );		// - where should we redirect on logout?

Open in new window

0
NerdsOfTechTechnology ScientistCommented:
Thanks didn't see that

maybe the problem is in members.php then
0
nplibCommented:
the problem lies somewhere in the functions.php
0
sandbuddAuthor Commented:
it was my server guys...thanks...
0
nplibCommented:
define your answer.
0
sandbuddAuthor Commented:
it was using php 4 instead of 5... they moved me to another server and I didnt have to change a thing and it fired right up...lol
0
nplibCommented:
well, that would cause a lot of trouble if you were using php5 functions on a php4 server
0
Computer101Commented:
PAQed with points refunded (500)

Computer101
EE Admin
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.