Larry Ullman's Book Forums

davids_media

  1. Hello I am having trouble at the moment with my "login.inc.php" file. Below is the code for it;

     <?php
     $login_errors = array();
     if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
         $e = mysqli_real_escape_string ($dbc, $_POST['email']);
     } else {
         $login_errors['email'] = 'Please enter a valid email address!';
     }
     if (!empty($_POST['password'])) {
         $p = mysqli_real_escape_string ($dbc, $_POST['password']);
     } else {
         $login_errors['password'] = 'Please enter your password!';
     }
     if (empty($login_errors)) {
         $q = "SELECT userid, username, usertype, IF(date_expires >= NOW(), true, false) FROM user WHERE(email='$e' AND password='" . get_password_hash($p) . "')";
         $r = mysqli_query ($dbc, $q);
         if (mysqli_num_rows($r) == 1) {
             $row = mysqli_fetch_array ($r, MYSQLI_NUM);
             if ($row[2] == 'Admin') {
                 session_regenerate_id(true);
                 $_SESSION['user_admin'] = true;
             }
             $_SESSION['userID'] = $row[0];
             $_SESSION['username'] = $row[1];
             if ($row[3] == 1) $_SESSION['user_not_expired'] = true;
         } else {
             $login_errors['login'] = 'The email address and password do not match those on file.';
         }
     } // End of $login_errors IF.

     I have underlined the piece of code which is giving me issues. When I try to run it I get this;

     Notice: Undefined index: email in C:\Users\David\Desktop\swapsite_new\site\includes\login.inc.php on line 6

     How do I solve this please?
  2. Having read this book (Effortless E-Commerce), there is a section in the Knowledge is Power section about IPN. Now the website I have been working on these past few months is a mix of both Knowledge is Power and Coffee. However, with my website, I am NOT requiring users to login, new users to register, etc (even though I planned to do it originally). But here is where my stupid question comes into play. I am selling physical products (e.g. hair extension products, hair care products, etc). Therefore, if I should use IPN, what would be the best way possible to incorporate it and if not, what are the alternatives please?
  3. I have somewhat of a dilemma. When someone clicks on a Buy Now button and subsequently follows necessary steps to complete process of purchase, when that transaction is completed, in my product table, I want to subtract 1 from whatever value is in the field. E.g. say product one is being purchased, prior to purchase in product table, there are 5 product one's in stock, when purchase is complete, subtract 1 from 5 (to get 4). Here is my code

     <?php
     $title = "Like This Product, Buy It NOW!!!";
     require ('includes/config.inc.php');
     include ('./includes/header.html');
     require (MYSQL);
     include ('./includes/main.html');
     if($id = isset($_GET['prodID'])) {
         $query = "SELECT `prodID`, `product`, `prod_descr`, `image`, `price` FROM product WHERE `prodID`='{$_GET['prodID']}'";
         $r = mysqli_query($dbc, $query);
         $showHeader = true;
         echo "<div id='right'>";
         while($row = mysqli_fetch_array($r)) {
             if($showHeader) {
                 //Display category header
                 echo "<h1>" . "<span>" . "# " . "</span>" . $row['product'] . "<span>" . " #" . "</span>" . "</h1>";
                 echo "<div id='item'>"; // div class 'item'
                 echo "<div class='item_left'>";
                 echo "<p id='p_desc'>";
                 echo $row['prod_descr'];
                 echo "</p>";
                 echo "<p>" . "<span>" . "&pound" . $row['price'] . "</span>" . "</p>";
                 echo "</div>";
                 echo "<div class='item_right'>";
                 echo "<img src='db/images/".$row['image']."' />";
                 $showHeader = false;
                 echo "</div>";
     ?>
     <p>
     <form target="paypal" action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
         <input type="hidden" name="cmd" value="_s-xclick">
         <input type="hidden" name="hosted_button_id" value="7UCL9YCYYXL3J">
         <input type="hidden" name="item_name" value="<?php echo $row['product']; ?>">
         <input type="hidden" name="item_number" value="<?php echo $row['prodID']; ?>">
         <input type="hidden" name="amount" value="<?php echo $row['price']; ?>">
         <input type="hidden" name="currency_code" value="GBP">
         <input type="image" src="https://www.sandbox.paypal.com/en_US/i/btn/btn_cart_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
         <img alt="" border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
     </form>
     </p>
     <p>
     <form name="_xclick" action="https://www.paypal.com/cgi-bin/webscr" method="post">
         <input type="hidden" name="cmd" value="_xclick">
         <input type="hidden" name="business" value="me@mybusiness.com">
         <input type="hidden" name="currency_code" value="GBP">
         <input type="hidden" name="item_name" value="<?php echo $row['product']; ?>">
         <input type="hidden" name="amount" value="<?php echo $row['price']; ?>">
         <input type="image" src="http://www.paypal.com/en_US/i/btn/btn_buynow_LG.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
     </form>
     </p>
     <?php
                 echo "</div>"; // End of div class 'item'
                 $strSQL = "SELECT prodID, product, price, image FROM product ORDER BY RAND() LIMIT 1";
                 $objQuery = mysqli_query($dbc, $strSQL) or die ("Error Query [".$strSQL."]");
                 while($objResult = mysqli_fetch_array($objQuery)) {
                     echo "<div class='love'>";
                     echo "<h6>Like this......you'll love this!!!</h6>";
                     echo "<ul>";
                     echo "<li>" . "<img src='db/images/" . $objResult['image'] . "' width='50' height='50' />" . "</li>";
                     echo "<br />";
                     echo "<li>" . "<a href='item.php?prodID={$objResult['prodID']}' title='{$objResult['product']}'>" . $objResult['product'] . "</a>" . " - " . "&pound" . $objResult['price'] . "</li>";
                     echo "</ul>";
                     echo "</div>";
                 }
             }
         }
     ?>
     <?php
         echo "</div>";
     }
     include ('./includes/footer.html');
     ?>

     How is this achievable please?
  4. I have merged projects one (knowledge) and two (coffee) into my own e-commerce project. However I have some questions. 1. When a user adds an item to their cart (I'm selling physical products) to a PayPal cart, I don't want any user to be able to do it, I want it only done by registered users who are logged in. How is this achievable? 2. I have created an Orders table (based on the one used in Knowledge is Power) but it is pretty redundant at the moment and I have NOT inserted any data into it yet as I have no idea how to use it. I know this sounds rather complicated but help would be very very appreciated please.
  5. No I do not just want to enter the data from the Products table into the item name box in Sandbox, there's 9 items, each one when you add it to the cart when the cart contents are displayed should display the specific product.
  6. It's OK I realised there were some issues with the UK Sandbox, I have since found a similar post on here which gave a link to a US site. Thanks anyway for the help, it's just a shame the UK Sandbox has its problems.
  7. I am currently in the process of creating an Add To Cart button in Sandbox for all my product items, here is what I want; At the moment it asks me for Item Name and Item Number, however I have nine records in my Products table and when a Buyer purchases a product, I want it to output in PayPal the particular product they choose, I just don't want to type in an Item in Sandbox. I apologise if this is hard to understand but is there a possible solution to this?
  8. In PayPal Sandbox, I have created a Test Account and once I enter the Sandbox Test Site, I go to click on Merchant Services tab. When I click that tab, it asks me to login with Test Account but when I do, it won't let me login. How do I solve this?
  9. I am currently developing an e-commerce website which is a combination of both the knowledge is power and coffee sites. What I want is this; - 1. Sell physical products like in Coffee 2. But use the PayPal payment gateway (since I will have users registered to the website) Is this possible please?
  10. Thanks guys, you have all been really helpful, I changed it in the index.php page to "require_once" (for both config and mysql) and I have managed finally to get it working 100%.
  11. I cannot seem to put attachments to any replies yet so I'll have to just post some more of my code so I do apologise for this.

      index.php

      <?php
      error_reporting(E_ALL ^ E_NOTICE);
      ini_set("display_errors", 1);
      require ('./includes/config.inc.php');
      //$_SESSION['userID']=1;
      //
      //$_SESSION['type']='admin';
      require (MYSQL);
      include ('./includes/header.html');
      include ('./includes/main.html');
      if ($_SERVER['REQUEST_METHOD'] == 'POST') {
          include ('./includes/login.inc.php');
      }
      echo <<<_END
      <div id="right">
        <form id="frmSearch">
          <input type="text" name="search" value="Search for a product..." onfocus="if(this.value==this.defaultValue)this.value='';" onblur="if(this.value=='')this.value=this.defaultValue;" id="txtSearch" />
          <input type="submit" name="submit" value="Search" id="btnSearch" />
        </form>
        <br />
        <div id="shop">
          <div class="shoprow">
            <div class="shopcell">
              <img src="includes/inc_pics/SCRUNCHIES.jpg" width="100" height="100" />
              <div class="shopsubcell"> <li><a href="#">Human Hair</a></li> </div>
            </div>
            <div class="shopcell">
              <img src="includes/inc_pics/SCRUNCHIES.jpg" width="100" height="100" />
              <div class="shopsubcell"> <li><a href="#">Pony Tails</a></li> </div>
            </div>
            <div class="shopcell">
              <img src="includes/inc_pics/SCRUNCHIES.jpg" width="100" height="100" />
              <div class="shopsubcell"> <li><a href="#">Scrunchies</a></li> </div>
            </div>
          </div>
          <br />
          <div class="shoprow">
            <div class="shopcell">
              <img src="includes/inc_pics/SCRUNCHIES.jpg" width="100" height="100" />
              <div class="shopsubcell"> <li><a href="#">Full Heads</a></li> </div>
            </div>
            <div class="shopcell">
              <img src="includes/inc_pics/SCRUNCHIES.jpg" width="100" height="100" />
              <div class="shopsubcell"> <li><a href="#">Synthetic Hair</a></li> </div>
            </div>
            <div class="shopcell">
              <img src="includes/inc_pics/SCRUNCHIES.jpg" width="100" height="100" />
              <div class="shopsubcell"> <li><a href="#">Accessories</a></li> </div>
            </div>
          </div>
          <br />
          <div class="shoprow">
            <div class="shopcell">
              <img src="includes/inc_pics/SCRUNCHIES.jpg" width="100" height="100" />
              <div class="shopsubcell"> <li><a href="#">Contact Lenses</a></li> </div>
            </div>
            <div class="shopcell">
              <img src="includes/inc_pics/SCRUNCHIES.jpg" width="100" height="100" />
              <div class="shopsubcell"> <li><a href="#">Lip Tattoos</a></li> </div>
            </div>
          </div>
        </div>
      </div>
      _END;
      include ('./includes/footer.html');
      ?>

      header.html

      <!DOCTYPE html>
      <html>
      <head>
      <!--[if lt IE9]>
      <script src="http://html5shiv.googlecode.com/svn/trunk/html5.js></script>
      <![endif]-->
      <meta charset="utf-8" />
      <title>
      <?php
      $page_title = "Home";
      if(isset($page_title)) {
          echo 'Hair Extensions Shop' . ' | ' . $page_title;
      }
      ?>
      </title>
      <script src="js/jquery-1.7.1.min.js" type="text/javascript"></script>
      <script src="js/jquery.jcarousel.js" type="text/javascript"></script>
      <link href="css/main.css" rel="stylesheet" type="text/css" media="screen, projection" />
      <link href="css/menu.css" rel="stylesheet" type="text/css" />
      <link href="css/carousel.css" rel="stylesheet" type="text/css" />
      <link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/3.4.1/build/cssreset/reset.css">
      <link href="css/tablet.css" rel="stylesheet" type="text/css" media="all and (min-width: 481px) and (max-width: 480px)" />
      <link href='http://fonts.googleapis.com/css?family=Kelly+Slab' rel='stylesheet' type='text/css'>
      <link href='http://fonts.googleapis.com/css?family=Rokkitt' rel='stylesheet' type='text/css'>
      <script type="text/javascript">
      $(document).ready(function () {
          $('#accordion a.item').click(function () {
              /* FIRST SECTION */
              //slideup or hide all the Submenu
              $('#accordion li').children('ul').slideUp('slow');
              //remove all the "Over" class, so that the arrow reset to default
              $('#accordion a.item').each(function () {
                  if ($(this).attr('rel')!='') {
                      $(this).removeClass($(this).attr('rel') + 'Over');
                  }
              });
              /* SECOND SECTION */
              //show the selected submenu
              $(this).siblings('ul').slideDown('slow');
              //add "Over" class, so that the arrow pointing down
              $(this).children('a').addClass($(this).children('li a').attr('rel') + 'Over');
              return false;
          });
      });
      </script>
      <!----------------------------------------------------------------------------------->
      <script type="text/javascript">
      function mycarousel_initCallback(carousel) {
          // Disable autoscrolling if the user clicks the prev or next button.
          carousel.buttonNext.bind('click', function() { carousel.startAuto(0); });
          carousel.buttonPrev.bind('click', function() { carousel.startAuto(0); });
          // Pause autoscrolling if the user moves with the cursor over the clip.
          carousel.clip.hover(function() { carousel.stopAuto(); }, function() { carousel.startAuto(); });
      };
      jQuery(document).ready(function() {
          jQuery('#mycarousel').jcarousel({ auto: 2, wrap: 'last', initCallback: mycarousel_initCallback });
      });
      </script>
      </head>
      <body>
      <!-- THE MAIN HEADER FOR THE WEBSITE -->
      <header>
        <!-- THE WEBSITE LOGO -->
        <div class="logo"> </div>
        <!-- END OF THE WEBSITE LOGO -->
        <!-- THE DYNAMIC JQUERY IMAGE SLIDER -->
        <div class="slider">
          <!-- IMAGE CAROUSEL FOR SHOWCASING WORK -->
          <div class="tick">
            <ul id="mycarousel" class="jcarousel-skin-tango">
              <li>Welcome</li>
              <li>To The</li>
              <li>Website</li>
            </ul>
          </div>
          <!-- END OF IMAGE CAROUSEL FOR SHOWCASING WORK -->
        </div>
        <!-- END OF THE DYNAMIC JQUERY IMAGE SLIDER -->
      </header>
      <!-- END OF THE MAIN HEADER FOR THE WEBSITE -->

      main.html

      <!-- THE MAIN CONTENT -->
      <div id="main">
        <!-- THE LEFT HAND SIDE CONTENT -->
        <div id="left">
          <!-- THE SITE NAVIGATION -->
          <ul id="accordion">
            <li>
              <a href="#" class="item popular" rel="popular">Shop</a>
              <ul>
                <li><a href="#">Human Hair</a></li>
                <li><a href="#">Pony Tails</a></li>
                <li><a href="#">Scrunchies</a></li>
                <li><a href="#">Full Heads</a></li>
                <li><a href="#">Synthetic Hair</a></li>
                <li><a href="#">Accessories</a></li>
                <li><a href="#">Contact Lenses</a></li>
                <li><a href="#">Lip Tattoos</a></li>
              </ul>
            </li>
            <li> <a href="about.php">About Us</a> </li>
            <li> <a href="contactus.php">Contact Us</a> </li>
          </ul>
          <ul id="accordion">
          <?php
          if ($_SERVER['REQUEST_METHOD'] == 'POST') {
              include ('includes/login.inc.php');
          }
          require_once ('./includes/form_functions.inc.php');
          if (isset($_SESSION['userID'])) {
              echo '<li><a href="logout.php">Logout</a></li>';
              echo 'You are LOGGED IN!!!';
              if (isset($_SESSION['user_admin'])) {
                  echo '<h2>ADMIN</h2>';
              }
          } else {
              require ('includes/login_form.inc.php');
              echo '<li><a href="register.php">Register</a></li>';
              echo 'Nobody is LOGGED IN!!!';
          }
          ?>
          </ul>
          <!-- END OF THE SITE NAVIGATION -->
        </div>
        <!-- END OF THE LEFT HAND SIDE CONTENT -->
      </div>
      <!-- END OF THE THE MAIN CONTENT -->

      footer.html

      <!-- THE FOOTER CONTENT -->
      <footer>
        <p>
          <div class="col1">
            <h2>Customer Service</h2>
            <li><a href="#">Terms & Conditions</a></li>
            <li><a href="#">Privacy Policy</a></li>
            <li><a href="#">FAQ</a></li>
          </div>
          <div class="col2">
            <h2>Social Media</h2>
            <li><a href="#">Facebook</a></li>
            <li><a href="#">Twitter</a></li>
            <li><a href="#">YouTube</a></li>
          </div>
          <div class="col3">
            <h2>Site Links</h2>
            <li><a href="about.php">About Us</a></li>
            <li><a href="#">Shop</a></li>
            <li><a href="contactus.php">Contact Us</a></li>
          </div>
        </p>
        <div class="sub">
          <li class="line1" >Copyright 2012 | <a href="http://www.davidsmedia.co.uk" target="_BLANK">David's Media</a> </li>
          <li class="line2" > <a href="#">Hair Extensions Shop</a> | North Wales </li>
        </div>
      </footer>
      <!-- END OF THE FOOTER CONTENT -->
      </body>
      </html>

      main.css

      /* THIS IS THE STYLESHEET WHICH CONTROLS THE LAYOUT OF THE WEBSITE */
      /* BODY OF THE WEBSITE */
      body, html { margin: 0; padding: 0; height: 100%; min-width: 1200px; max-width: 1700px; background-image: url(../images/bg.png); font-family: 'Rokkitt', serif; background-repeat: none; background-size: 1200px 1600px; background-position: right top; }
      /* END OF BODY OF THE WEBSITE */
      /* CSS FOR THE FONT */
      @font-face { font-family: 'Rokkitt', serif; url(http://fonts.googleapis.com/css?family=Rokkitt); }
      /* END OF CSS FOR THE FONT */
      /* ---------------------------------------------------------------------------------------------------- */
      /* WEBSITE HEADER, LOGO & SLIDER */
      header { height: 150px; margin-top: 0; padding-top: 10px; width: 100%; clear: none; }
      .logo { width: 500px; height: 250px; margin: 10px; margin-left: 100px; float: left; position: absolute; border: 1px solid #ef2929; background-image: url(../images/logo5.jpg); background-repeat: no-repeat; background-color: #ffffff; }
      .slider { width: 500px; height: 300px; border: 5px solid #ef2929; margin: 10px; float: right; position: absolute; left: 700px; background-color: #ffffff; }
      /* END OF WEBSITE HEADER, LOGO & SLIDER */
      /* ---------------------------------------------------------------------------------------------------- */
      #main { width: 100%; height: 1400px; margin-top: 0; padding-top: 10px; clear: none; }
      /* ---------------------------------------------------------------------------------------------------- */
      /* LEFT CONTENT */
      #left { width: 350px; height: 500px; padding-top: 10px; margin-top: 150px; float: left; position: absolute; left: 0; }
      /* END OF LEFT CONTENT */
      /* ---------------------------------------------------------------------------------------------------- */
      /* RIGHT CONTENT */
      #right { height: 300px; width: 1000px; float: right; margin-top: 150px; padding-top: 10px; position: absolute; left: 260px; top: 170px; }
      #right h1 { font-size: 60px; text-shadow: 0 0 1px rgba(0,0,0,0.9); margin-left: 175px; margin-top: 50px; }
      #right h1 span { color: #ef2929; text-shadow: 0 0 1px rgba(239,41,41,0.9); }
      #right p { width: 650px; margin-left: 175px; line-height: 40px; font-size: 30px; text-shadow: 0 0 1px rgba(0,0,0,0.5); }
      #right p span { color: #ef2929; text-shadow: 0 0 1px rgba(239,41,41,0.9); }
      #right hr { width: 700px; border: 1px solid #000000; margin-top: 20px; margin-bottom: 20px; }
      #shop { width: 800px; height: 250px; float: left; left: 90px; position: absolute; display: table; padding: 20px; text-align: center; margin-top: 50px; }
      .shoprow { display: table-row; }
      .shopcell { display: table-cell; }
      .shopcell img { margin-left: 40px; border: 5px solid #ef2929; width: 220px; height: 220px; }
      .shopsubcell { display: table-cell; }
      .shopsubcell li { list-style-type: none; width: 200px; }
      .shopsubcell li a { text-decoration: none; background-color: #ef2929; color: #ffffff; font-size: 20px; text-shadow: 0 0 1px rgba(255,255,255,0.2); letter-spacing: 1px; padding: 10px; float: left; margin-left: 40px; }
      /* END OF RIGHT CONTENT */
      /* ---------------------------------------------------------------------------------------------------- */
      form { text-shadow: 0 0 1px rgba(0,0,0,0.5); color: #000000; }
      /* ALL CONTENT FOR SEARCHING */
      #frmSearch { padding: 10px; margin-left: 140px; margin-top: 100px; margin-bottom: 20px; }
      #frmSearch input { border: none; width: 300px; position: absolute; border: 5px solid #ef2929; padding: 10px; color: #2e3436; font-size: 14px; }
      #frmSearch input#btnSearch { -moz-border-radius-bottomright: 5px; -moz-border-radius-topright: 5px; -webkit-border-bottom-right-radius: 5px; -webkit-border-top-right-radius: 5px; -o-border-bottom-right-radius: 5px; -o-border-top-right-radius: 5px; -ms-border-bottom-right-radius: 5px; -ms-border-top-right-radius: 5px; width: 100px; background-color: #ef2929; color: #ffffff; text-shadow: 0 0 1px rgba(255,255,255,0.2); font-family: 'Rokkitt', serif; font-size: 20px; position: absolute; left: 440px; height: 45px; }
      /* END OF ALL CONTENT FOR SEARCHING */
      /* ALL CONTENT FOR CONTACT US FORM */
      #frmContact { margin-left: 100px; margin-top: 50px; padding: 10px; font-size: 25px; margin-left: 175px; text-shadow: 0 0 1px rgba(239,41,41,0.5); }
      #frmContact input, textarea { width: 300px; border: 5px solid #ef2929; color: #2e3436; font-size: 100%; }
      #frmContact input { float: right; right: 350px; position: relative; }
      #frmContact textarea { float: right; resize: none; position: relative; right: 350px; }
      #frmContact input#btnSend { background-color: #ef2929; color: #ffffff; text-shadow: 0 0 1px rgba(255,255,255,0.2); width: 75px; font-family: 'Rokkitt', serif; font-size: 20px; margin-top: 250px; position: absolute; right: 360px; border-radius: 5px; }
      /* END OF ALL CONTENT FOR CONTACT US FORM */
      /* ALL CONTENT FOR REGISTRATION FORM */
      #frmReg { margin-top: 0px; padding: 20px; font-size: 25px; margin-left: 150px; text-shadow: 0 0 1px rgba(0,0,0,0.5); color: #000000; }
      #frmReg input, textarea { width: 250px; border: 5px solid #ef2929; color: #2e3436; font-size: 100%; }
      #frmReg input { float: right; right: 350px; position: relative; }
      #frmReg textarea { float: right; resize: none; position: relative; right: 250px; }
      #frmReg input#btnNext { background-color: #ef2929; color: #ffffff; text-shadow: 0 0 1px rgba(255,255,255,0.2); width: 75px; font-family: 'Rokkitt', serif; font-size: 20px; margin-top: 50px; position: absolute; right: 270px; border-radius: 5px; }
      small { width: 250px; font-size: 12px; margin-left: 400px; margin-top: 5px; padding: 5px; border: 1px solid #000000; position: absolute; }
      /* END OF ALL CONTENT FOR REGISTRATION FORM */
      /* ALL OTHER CONTACT US PAGE STUFF */
      .con { }
      .con p { margin-left: 100px; font-size: 20px; }
      /* END OF ALL OTHER CONTACT US PAGE STUFF */
      /* ---------------------------------------------------------------------------------------------------- */
      footer { height: 170px; width: 100%; padding: 0; padding-top: 20px; }
      footer h2 { color: #ef2929; font-weight: lighter; text-shadow: 0 0 1px rgba(239,41,41,0.5); font-size: 30px; margin-left: 20px; }
      .col1, .col2, .col3 li { list-style-type: none; text-shadow: 0 0 1px rgba(0,0,0,0.5); font-size: 25px; }
      .col1 li a { color: #000000; text-decoration: none; margin-left: 20px; }
      .col2 li a { color: #000000; text-decoration: none; margin-left: 20px; }
      .col3 li a { color: #000000; text-decoration: none; margin-left: 20px; }
      .sub { list-style-type: none; margin-top: 200px; }
      .sub li { display: inline; color: #000000; text-shadow: 0 0 1px rgba(0,0,0,0.5); font-size: 20px; }
      .sub li a { text-decoration: none; color: #000000; }
      .sub li a:hover { text-decoration: underline; }
      .line1 { float: left; margin-left: 20px; }
      .line2 { float: right; margin-right: 20px; }
      .col1 { float: left; position: absolute; width: 400px; margin-left: 200px; }
      .col2 { position: absolute; width: 400px; margin-left: 500px; }
      .col3 { float: right; position: absolute; width: 400px; margin-left: 800px; }

      These are the html and css files, usually they are kept in the "includes" and "css" folders respectively. Thanks
  12. I am currently developing an E-Commerce website for a client. At the moment, I am suffering two major headaches:

      1. When users (non admin) log into the site their values are met based on the database values stored and everything is fine, except I can log in at the moment without any credentials. Therefore, this represents a huge and potentially dangerous security risk!
      2. When an authorised user (member in database "user") logs out, when they are redirected to index.php, it states that someone is still logged in session.

      Here is the code for login.inc.php, logout.php, config.inc.php and mysql.inc.php

      Login - login.inc.php

      <?php
      $login_errors = array();
      if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
          $e = mysqli_real_escape_string ($dbc, $_POST['email']);
      } else {
          $login_errors['email'] = 'Please enter a valid email address!';
      }
      if (!empty($_POST['pass'])) {
          $p = mysqli_real_escape_string ($dbc, $_POST['pass']);
      } else {
          $login_errors['pass'] = 'Please enter your password!';
      }
      if (empty($login_errors)) {
          $q = "SELECT userID, username, type, IF(date_expires >= NOW(), true, false) FROM user WHERE(email='$e' AND pass='" . get_password_hash($p) . "')";
          $r = mysqli_query ($dbc, $q);
          if (mysqli_num_rows($r) == 1) {
              // Get the data:
              $row = mysqli_fetch_array ($r, MYSQLI_NUM);
              // If the user is an administrator, create a new session ID to be safe:
              if ($row[2] == 'admin') {
                  session_regenerate_id(true);
                  $_SESSION['user_admin'] = true;
              }
              $_SESSION['userID'] = $row[0];
              $_SESSION['username'] = $row[1];
              if ($row[2] == 'admin') $_SESSION['user_admin'] = true;
              if ($row[3] == 1) $_SESSION['user_not_expired'] = true;
              echo '<div id="right">';
              echo "<h1>Hi : <span>$row[1]</span></h1>";
              echo '</div>';
          } else {
              $login_errors['login'] = 'The email address and password do not match those on file.';
          }
      } // End of $login_errors IF.

      Logging out - logout.php

      <?php
      require ('includes/config.inc.php');
      // If the user isn't logged in, redirect them:
      redirect_invalid_user();
      // Destroy the session:
      $_SESSION = array(); // Destroy the variables.
      if (session_id() != " " || isset($_COOKIE[session_name()]))
          setcookie(session_name(), '', time() - 2592000, '/');
      session_destroy(); // Destroy the session itself.
      setcookie (session_name(), '', time()-300); // Destroy the cookie.
      // Include the header file:
      $page_title = 'Logout';
      include ('includes/header.html');
      // Print a customized message:
      include ('includes/main.html');
      echo '<div id="right">';
      echo '<h1>Logged : Out</h1>';
      echo '<p>Thank you for visiting. You are now logged out. Please come back soon!</p>';
      echo '</div>';
      // Footer file needs the database connection:
      require (MYSQL);
      // Include the HTML footer:
      include ('includes/footer.html');
      ?>

      Configuration File

      <?php
      $live = false;
      $contact_email = 'davids_media@yahoo.co.uk';
      define ('BASE_URI', '/includes/');
      define ('BASE_URL', '127.0.0.1:8080/hair_extensions/');
      define ('MYSQL', BASE_URI . 'mysql.inc.php');
      session_start();
      if(isset($_SESSION['views']))
          $_SESSION['views']=$_SESSION['views']+1;
      else
          $_SESSION['views']=1;
      echo "Views=". $_SESSION['views'];
      function my_error_handler ($e_number, $e_message, $e_file, $e_line, $e_vars) {
          global $live, $contact_email;
          $message = "An error occurred in script '$e_file' on line $e_line:\n$e_message\n";
          $message .= print_r(debug_backtrace(), 1);
          $message .= print_r ($e_vars, 1);
          if (!$live) {
              echo '<div class="error">' . nl2br($message) . '</div>';
          } else {
              error_log ($message, 1, $contact_email, 'From:lil_dave_morgan@yahoo.co.uk');
              if ($e_number != E_NOTICE) {
                  echo '<div class="error">A system error occurred. We apologize for the inconvenience.</div>';
              }
          }
          return true;
      }
      set_error_handler ('my_error_handler');
      function redirect_invalid_user($check = 'userID', $destination = 'index.php', $protocol = 'http://') {
          if (!isset($_SESSION[$check])) {
              $url = $protocol . BASE_URL . $destination;
              header("Location: $url");
              exit();
          }
      }

      Database Connection

      <?php
      DEFINE ('DB_USER', 'LilDaveM');
      DEFINE ('DB_PASSWORD', 'dave');
      DEFINE ('DB_HOST', 'localhost');
      DEFINE ('DB_NAME', 'hairext');
      $dbc = mysqli_connect (DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
      mysqli_set_charset($dbc, 'utf8');
      function escape_data ($data) {
          global $dbc;
          if (get_magic_quotes_gpc()) $data = stripslashes($data);
          return mysqli_real_escape_string ($dbc, trim ($data));
      }
      function get_password_hash($password) {
          global $dbc;
          return mysqli_real_escape_string ($dbc, hash_hmac('sha256', $password, 'c#haRl891', true));
      }
      ?>

      I apologise if this is very long winded but I have been trying for days to get to the bottom of this issue, help would be really really appreciated please.
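
A hardened form of the login check and logout teardown that post 12 describes, as an added example that is not part of the original post or of the book's code. It assumes PDO with an in-memory SQLite table in place of the MySQL `user` table, `password_hash()`/`password_verify()` in place of the post's `get_password_hash()`, and the hypothetical function names `authenticate`, `start_user_session` and `end_user_session`.

```php
<?php
declare(strict_types=1);
// Added example, not the original poster's code. Assumptions: in-memory SQLite via PDO
// stands in for MySQL; password_hash()/password_verify() replace get_password_hash().

function make_demo_db(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE user (userID INTEGER PRIMARY KEY, username TEXT,
        type TEXT, email TEXT UNIQUE, pass TEXT, date_expires TEXT)');
    // Constructed sample account.
    $db->prepare('INSERT INTO user (username, type, email, pass, date_expires)
        VALUES (?, ?, ?, ?, ?)')->execute(['alice', 'member', 'alice@example.com',
        password_hash('correct horse', PASSWORD_DEFAULT), '2999-01-01']);
    return $db;
}

// Returns the user row, or null when a field is missing or the credentials do not match.
function authenticate(PDO $db, array $post): ?array
{
    // "?? ''" avoids the "Undefined index" notice when a field was not submitted.
    $email = filter_var($post['email'] ?? '', FILTER_VALIDATE_EMAIL);
    $pass = $post['pass'] ?? '';
    if ($email === false || !is_string($pass) || $pass === '') {
        return null;
    }
    // The placeholder keeps user input out of the SQL text.
    $stmt = $db->prepare('SELECT userID, username, type, pass, date_expires FROM user WHERE email = ?');
    $stmt->execute([$email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($pass, $row['pass'])) {
        return null;
    }
    unset($row['pass']); // never carry the hash into the session
    return $row;
}

function start_user_session(array $user): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) { session_start(); }
    session_regenerate_id(true); // fresh ID on every login, not only for admins
    $_SESSION = ['userID' => (int) $user['userID'], 'username' => $user['username']];
    if ($user['type'] === 'admin') { $_SESSION['user_admin'] = true; }
    if ($user['date_expires'] >= date('Y-m-d')) { $_SESSION['user_not_expired'] = true; }
}

function end_user_session(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) { session_start(); }
    $_SESSION = [];
    if (!headers_sent() && ini_get('session.use_cookies')) {
        // Expire the cookie with the same parameters it was issued with.
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000, $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();
}

// Demo on constructed input; the session calls run before any output is sent.
$db = make_demo_db();
$cases = [
    'no fields submitted' => [],
    'wrong password'      => ['email' => 'alice@example.com', 'pass' => 'nope'],
    'valid credentials'   => ['email' => 'alice@example.com', 'pass' => 'correct horse'],
];
$results = array_map(fn(array $post) => authenticate($db, $post), $cases);
start_user_session($results['valid credentials']);
$afterLogin = isset($_SESSION['userID']);
end_user_session();
$afterLogout = isset($_SESSION['userID']);
foreach ($results as $case => $user) {
    echo str_pad($case, 22), $user === null ? 'rejected' : "accepted as {$user['username']}", "\n";
}
echo 'userID in session after login: ', var_export($afterLogin, true), ', after logout: ', var_export($afterLogout, true), "\n";
```

With mysqli the same pattern uses `mysqli_prepare()`, `mysqli_stmt_bind_param()` and `mysqli_stmt_execute()`.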