Hermann
-
Posts
29 -
Joined
-
Last visited
Posts posted by Hermann
-
-
Hi there. I have recently encountered a problem and I just can't seem to find what I'm doing wrong. My registration with password hashing does work but I've tried to make it a little bit easier by building my own function for creating pages. It works brilliantly. But then the problem.
I've taken the database connection from example 1 and split it into seperate database connection and password hashing files. The problem this caused is that my form validation told me that I cannot redeclare the password hashing function. This made me decide that I will rather make them one file again. This now gives the error that the password hasher's mysqli_real_escape_string has a null first parameter although it is located in the database connection file.
As I've said earlier, this problem has started when I began using a function for page building. This is really hard problem to try to explain explain so please ask for any details if anyone can think of something.
The database connection file:
DEFINE ('DataBase_User','**********');
DEFINE ('DataBase_Password','*******');
DEFINE ('DataBase_Host','***********');
DEFINE ('DataBase_Name','*********');
$connect_to_database = mysqli_connect(DataBase_Host, DataBase_User, DataBase_Password, DataBase_Name);
mysqli_set_charset($connect_to_database, 'utf8');
function escape_data($data) {
global $connect_to_database;
if (get_magic_quotes_gpc())$data = stripslashes($data);
return mysqli_real_escape_string($connect_to_database, trim($data));
}
function hashed_password ($password) {
global $connect_to_database;
return mysqli_real_escape_string ($connect_to_database, hash_hmac('sha256', $password, 'c#haRl891', true));
}
The page building function:
function standard_layout($page_title, $dbc, $page_layout, $page_layout_ie, $stylesheet, $stylesheet_ie, $header_tpl, $page_body, $footer_tpl) {
/*
Die page title
*/
$page_title = $page_title;
/*
Die config file
*/
require($_SERVER['DOCUMENT_ROOT']."config.php");
/*
Die database konneksie
*/
if ($dbc == 'allow') {
require(MYSQL);
}
echo '<html>';
echo '<header>';
echo '<link rel="stylesheet" type="text/css" href="'.$page_layout.'"/>';
echo '<!--[if IE]><link rel="stylesheet" type="text/css" href="'.$page_layout_ie.'"/><![endif]-->';
echo '<link rel="stylesheet" type="text/css" href="'.$stylesheet.'"/>';
echo '<!--[if IE]><link rel="stylesheet" type="text/css" href="'.$stylesheet_ie.'"/><![endif]-->';
echo '</header>';
echo '<body>';
echo '<div class="wrapper">';
echo '<div id="header_div">';
include($_SERVER['DOCUMENT_ROOT']."$header_tpl");
echo '</div id="header_div">';
echo '<div id="content_div">';
include($_SERVER['DOCUMENT_ROOT']."$page_body");
echo '</div id="content_div">';
echo '<div class="push"></div>';
echo '</div>';
echo '<div class="footer_div">';
include($_SERVER['DOCUMENT_ROOT']."$footer_tpl");
echo '</div>';
echo '</body>';
echo '</html>';
}
The form that's giving the problems:
$array_of_field_errors = array();
/*
POST Request
*/
if($_SERVER['REQUEST_METHOD'] == 'POST') {
/*
Email
*/
if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
$email = mysqli_real_escape_string($connect_to_database, $_POST['email']);
} else {
$array_of_field_errors ['email'] = 'Not a valid email address';
}
/*
Password
*/
if(preg_match('/^[a-zA-Z0-9_]{6,32}$/', $_POST['password'])){
if($_POST['password'] == $_POST['confirm_password']) {
$password = mysqli_real_escape_string($connect_to_database, $_POST['password']);
} else {
$array_of_field_errors['confirm_password'] = 'Your passwords did not match';
}
} else {
$array_of_field_errors['password'] = 'Please enter a valid password';
}
/*
City
*/
if (preg_match('/^[A-Z\-]{2,32}$/i',$_POST['city'])){
$city = mysqli_real_escape_string($connect_to_database, $_POST['city']);
} else {
$array_of_field_errors['city'] = 'Please select your City';
}
/*
User Type
*/
if (preg_match('/^[A-Z\-]{8,10}$/i',$_POST['type'])){
$type = mysqli_real_escape_string($connect_to_database, $_POST['type']);
} else {
$array_of_field_errors['type'] = 'Please indicate what type of user you are ';
}
if(empty($array_of_field_errors)) {
$query_database = "SELECT email FROM users WHERE email = '$email'";
$connected_query = mysqli_query($connect_to_database, $query_database);
$rows_returned = mysqli_num_rows($connected_query);
if ($rows_returned == 0) {
$query_database = "INSERT INTO users (email, password, location, type) VALUES ('$email','".hashed_password($password)."','$city', '$type')";
$connected_query = mysqli_query($connect_to_database, $query_database);
if(mysqli_affected_rows($connect_to_database) == 1) {
header('Location: http://.........success_pl.php/');
exit();
} else {
trigger_error('You could not be registered due to a system error. We apologize for any inconvenience.');
}
} else {
if($rows_returned ==1 ) {
$array_of_field_errors['email'] = 'Email address already registered ';
}
}
}
}
require_once($_SERVER['DOCUMENT_ROOT']."mvc/controller/functions/forms/text_pass_func.php");
?>
<div id="register">
<fieldset id="validate_register_fieldset">
<legend id="problem_legend"><h2>Please correct these errors</h2></legend>
<form action="validate.php" method="post" accept-charset="utf-8" >
<p><label for="email"><strong>Email*</strong></label> <small>e.g johndoe@mymail.com</small>
<br/><?php text_pass('email', 'text', 'register', $array_of_field_errors);?>
</p>
<p><label for="password"><strong>Password*</strong></label> <small> 6 Character min. Only letters and numbers</small>
<br/><?php text_pass('password', 'password', 'register', $array_of_field_errors);?>
</p>
<p><label for="confirm_password"><strong>Confirm Password*</strong></label>
<br/><?php text_pass('confirm_password', 'password', 'register', $array_of_field_errors);?>
</p>
<p><label for="city"><strong>City*</strong></label>
<br/><?php dropbox('city', 'select' , $array_of_field_errors);?>
</p>
<p><label for="type"><strong>Type of user*</strong></label>
<br/><?php dropbox('type', 'select', $array_of_field_errors);?>
</p>
</br>
<input type="submit" name="submit_button" value="Sign Up" id="submit_button" class="register_button" />
 
<a href="provide_info.php" align="right"><small>Why do we need this info?</small> </a><br/>
</br>
<div id="agreed">
<small>By clicking Sign Up you are indicating that you have </br> read and agree to the <a href="terms_pl.php" ><small>
Terms of use</small></a> and <a href="privacy_pl.php" ><small>Privacy policy</small></a></small>
</div id="agreed">
</form>
</fieldset>
</div id="register">
The validate.php page that the above form refers to in its action:
$page_title = 'Welcome';
$dbc = 'allow';
$page_layout = 'default.css';
$page_layout_ie = 'default_ie.css';
$stylesheet = 'index.css';
$stylesheet_ie = 'index_ie.css';
$header_tpl = 'header_1_tpl.php';
$page_body = 'information_inc.php';
$footer_tpl = 'footer_1_tpl_pl.php';
standard_layout($page_title, $dbc, $page_layout, $page_layout_ie, $stylesheet, $stylesheet_ie, $header_tpl, $page_body, $footer_tpl);
Please any help would reeeeaaaaaallly be appreciated!
-
Thank you very much Rob. I was overcomplicating the whole thing. Tried to use header(Content-type:.... etc when all I needed to do was what you told me. Haha. Thanks again for the help!
-
Hi there Larry. Firstly I would like to thank you for the great book.Before I started with your Effortless ECommerce book I didn't have a day's coding experience and I can honestly say that I have become quite accustomed to coding and techniques used as a result of this book so I am really thankful!
I am building a social network type of site some of the principles in this book. I have used the image uploader from the second part of the book and instead of generating unique image names for every file, I have decided to rename the file so that it will exist only out of the user id data stored in the $_SESSION and the username. This is also stored in the session. A file would thus be stored in the following example directory...model/uploads/images/business_logos/5WalMart/5WalMart.jpg (this is just an example to Wal Mart's directory where it's logo will be stored).
The image is stored and everything is working 100%. The only problem that I have is that I do not know how to display this image in a browser. What should be stored in a database table? How do I retrieve and show this image on a page? Any help would be appreciated.
Please ask if you want any extra info!
Kind Regards!
Password Hash Function Not Working
in Effortless E-Commerce with PHP and MySQL
Posted
PS I have removed some of the text eg routes to files etc but this shouldn't have any effect on anything.