Solved

Login System

Posted on 2013-01-18
6
339 Views
Last Modified: 2013-01-21
I would like my registered users not to be allowed into my site until they have paid their fees. This can be determined by the date when they have paid. I have some code worked out but it appears to be working the opposite to the way that I would like. When they register a date is placed into the users table of the database that is one day less that the date they registered. When they pay then the date would change. However, my code is letting in the wrong registrants.

Following is my code:

<?php 

// Query the database:
	$q = "SELECT id, username, type, IF(date_expires >= NOW(), false) FROM users WHERE (email='$e' AND pass='"  .  get_password_hash($p) .  "')";		
	$r = mysqli_query ($connect, $q);
	
	if (mysqli_num_rows($r) == 1) { // A match was made.

	
// Get the data:
	$row = mysqli_fetch_array ($r, MYSQLI_NUM); 
	
	// Only indicate if the user's account is not expired:
	if ($row[3] == 1) $_SESSION['user_not_expired'] = true;
	
} else { // No match was made.
	$login_errors['login'] = 'The email address and password do not match those on file. ';
}


} // End of $login_errors IF

Open in new window


Thanks,

wchirnside
0
Comment
Question by:wchirnside
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 38795376
This is not really a question with a succinct answer so much as a requirement for application development.  Maybe this article can help?
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_2391-PHP-login-logout-and-easy-access-control.html
0
 

Author Comment

by:wchirnside
ID: 38796469
Thanks for the article. It is very informative. However, I believe that my question should have a direct answer. My code doesn't seem to be working. It is letting in registrants whose registration date is less than or equal to NOW but should only be letting in people whose date is GREATER THAN OR EQUAL TO NOW. So, of course, I need to figure out what is wrong with the code but at this stage I have a login system figured out that SHOULD be working. I don't really want to rework everything from the beginning. I have the database and all other aspects are working with that. The only thing is letting in people who have paid and redirecting those who have not paid their fees.

Thanks,

wchirnside
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 38796507
Not trying to be snarky, but NOW is a term of art in time-line processing and it has a value, such as the Unix Timestamp.  Everything in the past has a lower value.  Everything in the future will have a higher value when the future comes to pass.  

This precise moment in time, plus the future values, are the values that would match GREATER THAN OR EQUAL TO NOW.  As far as I can tell, logically, anyone who is already registered would have a registration date in the past.  So it sounds like you want to redesign with a registration date, a payment date and an expiration date in separate columns.

If you want to post the CREATE TABLE script I may be able to help you get the query working right, or at least suggest how to redesign the table and the logic.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:wchirnside
ID: 38797175
Yes, I understand. Thanks for your reply. The registered users who have not paid would have an expiration date that is in the past. These people should not be allowed into the site. The registered users who have continued on with the full registration and paid their fees would have a registration date somewhere in the future - up to two years.

During the payment process the date in the table would change to a date in the future.

The original registration date is controlled by the initial registration form.

CREATE TABLE `users` (
  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
  `type` ENUM('member','admin') NOT NULL,
  `username` VARCHAR(30) NOT NULL,
  `email` VARCHAR(80) NOT NULL,
  `pass` VARBINARY(32) DEFAULT NULL,
  `first_name` VARCHAR(20) NOT NULL,
  `last_name` VARCHAR(40) NOT NULL,
  `date_expires` DATE NOT NULL,
  `date_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
  `date_modified` TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00',
  PRIMARY KEY (`id`),
  UNIQUE KEY `username` (`username`),
  UNIQUE KEY `email` (`email`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;

Open in new window


Wchirnside
0
 
LVL 110

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 38797239
Maybe go with something like this in the table definition:

`date_expires` DATE NOT NULL DEFAULT '1975-01-01',

Then in the initial INSERT QUERY leave that column out to get date_expires loaded with the default value.  And when the client pays, UPDATE the row to set the correct (future) expiration date.

In the SELECT query you can do something like this:

$now = date('c');
$sql = "SELECT... WHERE date_expires > '$now' LIMIT 1";
0
 

Author Closing Comment

by:wchirnside
ID: 38803960
Thank you for your quick response
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is meant to give a basic understanding of how to use R Sweave as a way to merge LaTeX and R code seamlessly into one presentable document.
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo‚Ķ
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to pass data into a function in C++. This is one step further in using functions. Instead of only printing text onto the console, the function will be able to perform calculations with argumentents given by the user.

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question