Search the Community
Showing results for tags 'login'.
-
Hi Larry, I want to manage logins to disallow duplicate logins so that one subscriber can't use another subscriber's login credentials to log in simultaneously. I was thinking of adding a "logged_in" ENUM column to the user table with values "Yes" and "No". The value is set to "Yes" when the user logs in and to "No" when the user logs out. But if the user just closes the browser window without logging out via the website, that would create an issue when the user tries to log in again. Your thoughts on this will be much appreciated. Regards.
-
In chapter 4 if I click on the Account tab once logged in, no links appear that allow me to change my password or logout, the account link is a dead link?. It is supposed to give me the option to logout and other links too. I am using the files from the download on this site. I finally found the problem, there is no bootstrap.min.js file in the downloads for this book. That is why the dropdown menu wasn't working. I went to the bootstrap site and downloaded and now it works fine. This really should be in the download files...
-
Hello, I have given up on Godaddy and WAMP. I am back to windows and IIS. I seem to be having a problem with the session since I always have the display showing Admin selections when I am classified as a user. I click on logout and they do go away. I click on the Home tab and they come back. I try the login and I get this error Fatal error: Call to undefined function escape_data() in C:\inetpub\wwwroot\ecommerce2\includes\login.inc.php on line 12 Any ideas are appreciated
-
Hi. I've been using your Chapter 4 login code for a while now and it works well. But I'd like to make an enhancement. Right now, in the login_form.inc.php, the form code is this: <form action="index.php#loginform" method="post" accept-charset="utf-8"> I use the #loginform because I have placed the login div at the bottom of my page. It needs to take the user back to the bottom of the page if the login is unsuccessful because otherwise they will not see the error messages that the login was unsuccessful. It works well, EXCEPT that if the user logs in successfully, then they are still stuck at the bottom of the page. I would like to change it so that if the user logs in successfully, they are taken to the top of the page. (BTW, you can see the actual site here: www.readinesstest.com) Anyone have a thought on how to accomplish this? I've tried a handful of things but they didn't work. Thanks! --David
-
Here is the problem I have been having. I have tried numerous things to resolve it. Nothing seems to work. I have my login script from this book and I put it on a live domain to test it. And I can login fine with Internet explorer and Safari. But with Chrome and Firefox. It always fails to log me in on the first attempt, it takes 2 or sometimes 3 attempts. I am thinking of using the code from this book to build a website but I am completely clueless as to why it is doing this. I have triple-checked my code and it is like in the book. Could it be my SQL table that has a problem. I tested the query in phpmyadmin in the SQL form, and it always returns the user_id. When I try to login the page kind of jumps and it redirects me to index.php without logging me in. I have been at this for 3 days, any help would be HIGHLY appreciated.
-
I built a login page from the model in this book, and for some reason, sometimes when I login it redirects me back to index.php and it doesn't log me in. Other times it logs me in just fine. Any idea what could be causing this? Here is my login page code. <?php $page_title = 'Login to your account'; include ('includes/header.html'); include ('includes/config.inc.php'); if ($_SERVER['REQUEST_METHOD'] == 'POST'){ require (MYSQL); $trimmed = array_map('trim', $_POST); if (!empty($trimmed['Email']) && filter_var($trimmed['Email'], FILTER_VALIDATE_EMAIL)){ $e = mysqli_real_escape_string($dbc, $trimmed['Email']); } else { $e = FALSE; echo '<p class="error">You forgot to enter your email address, or the email you entered is invalid.</p>'; } if (!empty($trimmed['Pass'])){ $p = mysqli_real_escape_string($dbc, $trimmed['Pass']); } else { $p = FALSE; echo '<p class="error">You forgot to enter your password, or the password you entered is invalid.</p>'; } if ($e && $p){ $q = "SELECT UserID, Fname FROM users WHERE (Email='$e' AND Pass=SHA1('$p')) AND Active IS NULL"; $r = mysqli_query($dbc, $q) or trigger_error("Query: $q\n<br /> Mysql Error:" . mysqli_error($dbc)); if (@mysqli_num_rows($r) == 1){ $_SESSION = mysqli_fetch_array($r, MYSQLI_ASSOC); mysqli_free_result($r); mysqli_close($dbc); $url = BASE_URL . 'index.php'; ob_end_clean(); header("Location: $url"); exit(); } else { echo '<p class="error">Either the username and password you entered do not match those we have on file, or you have not yet activated your account.</p>'; } } else { echo '<p class="error">Please Try Again</p>'; } mysqli_close($dbc); } ?> <div class="text"> <h1>Login</h1> <p>Your browser must allow cookies in order to log in.</p> <form action="login.php" method="post"> <fieldset> <p><b>Email: <input type="text" name="Email" /></b></p> <p><b>Password: <input type="password" name="Pass" /></b></p> <input type="submit" name="submit" value="Login!" /> </fieldset> </form> </div> <? include ('includes/footer.html'); ?>
-
Can anyone provide me with a simple solution to the Pursue question in chapter 18, create a last_login field and make it so that a user can see how long it has been since they last logged in. thanks Graham
- 1 reply
-
- login
- chapter 18
-
(and 3 more)
Tagged with:
-
Hi everyone. I've done everything I could think of to get Script 11.8 to work, but I keep getting the error message 'The username and password you entered do not match those on file'. The users.txt is where it should be (because it worked fine for register.php) and the script is almost exactly how it is in the book. I'm using the same user names and passwords as well. Is this happening because I'm on a Mac? Oh, I'm on PHP 5.3.6 and use XAMPP. <?php // Script 11.8 - login.php $file = '../users/users.txt'; if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Handle the form. $loggedin = FALSE; // Not currently signed in. // Enable auto_detect_line settings: ini_set('auto_detect_line_endings', 1); // Open the file: $fp = fopen($file, 'rb'); // Loop through the file: while ( $line = fgetcsv($fp, 200, "\t") ) { // Check the file data against the submitted data: if ( ($line[0] == $_POST['username']) AND ($line[1] == md5(trim($_POST['password']))) ) { $loggedin = TRUE; // Correct username/password combination. // Stop looping through the file: break; } // End of IF. } // End of WHILE. fclose ($fp); // Close the file. // Print a message: if ($loggedin) { print '<p>You are now logged in.</p>'; } else { print '<p style="color: red;">The username and password you entered do not match those on file.</p>'; } } else { // Display the form. // Leave PHP and display the form: ?> <form action="login.php" method="post"> <p>Username: <input type="text" name="username" size="20" /></p> <p>Password: <input type="password" name="password" size="20" /></p> <input type="submit" name="submit" value="Login" /></form> <?php } // End of submission IF. ?> </body> </html>
-
Hey, I am currently reading the book, and have made my own register form and php script. There is no problems with the database connection, but it just will not insert information into the database. The MySQL database is named 'test' and the table 'users'. The table has user_id, first_name, last_name, email, pass and registration_date columns. here is the registration form: <!doctype html> <html> <head> <meta charset="utf-8"> <title>Untitled Document</title> </head> <body><link rel="stylesheet" type="text/css" href="style.css"> <form action="script4.php" method="post"> <p>First Name:<input type="text" name="first_name" /></p> <p>Last Name:<input type="text" name="last_name" /></p> <p>Email: <input type="text" name="email" /></p> <p>Password: <input type="password" name="pass1" /></p> <p>Confirm Password: <input type="password" name="pass2" /></p> <input type="submit" name="submit" value="Submit!" /> </form> </body> </html> and here is script4.php : <!doctype html> <html> <head> <meta charset="utf-8"> <title>Untitled Document</title> </head> <body> <?php $first_name = $_REQUEST['first_name']; $last_name = $_REQUEST['last_name']; $email = $_REQUEST['email']; $pass1 = $_REQUEST['pass1']; $pass2 = $_REQUEST['pass2']; require ('mysql_connect.php'); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $errors = array();} if (!empty($_POST['first_name'])) { $errors[] = "You forgot to enter your first name!"; } else { $fn = trim($_POST['first_name']); } if (!empty($_POST['last_name'])) { $errors[] = "You forgot to enter your first name!"; } else { $ln = trim($_POST['last_name']); } if (!empty($_POST['email'])) { $errors[] = "You forgot to enter your first name!"; } else { $e = trim($_POST['email']); } if (!empty($_POST['pass1'])) { if ($_POST['pass1'] != $_POST['pass2']) { $errors[] = "Your passwords do not match."; } else { $p = trim($_POST['pass1']);} }else { $errors[] = "You forgot to enter your password."; } if (empty($errors)) { require ('mysql_connect.php'); @mysqli_query("INSERT INTO users (first_name, last_name, email, pass, registration_date) VALUES($first_name, $last_name,$email, SHA1($pass), NOW() )");} ?> </body> </html> Please can someone help me. I am using WAMP server by the way.
-
Within the register.php file there's an INSERT statement that inserts a record into the users table of the database. My password is only inserted locally. When I go live and try to register, the pass field in the db is blank. I'm using the library with the password.php in it and have included that above the INSERT statement. mark
-
Hello, I'm new to this forum, and unsure whether or not this is the right place to post this. I'm working on a membership system for a local organization which initially will have contact information (names, addresses, telephone numbers, email addresses, birth dates, etc) as well as other info related to the organization in a MySQL database. There are no plans to add data that is any more sensitive (i.e. credit card numbers), and we will never be doing any kind of e-commerce. There is also a separate part of the existing site, created using Wordpress, that (as far as I can see) has no need whatsoever to be secured with https. But because there is a login for managing this contact information, I am asking: is it recommended, or even necessary that the site use https for the pages behind the login? And, if it is indeed recommended, are there sites you can recommend for implementing this: info about SSL certificates, etc. Thanks very much, and especially thank you for your books. I have PHP and MySQL for dynamic web sites, and I've been using it since 2006.
-
Hi all I've been tearing my hair out with this for too long so I'm asking for help. I've been working through the book and everything is going well until this chapter. I believe I have created the sessions as I should. I can log in and out and I've added session_start(); to every page that needs to be restricted by login (password.php, view_users.php, etc). Yet, when I log out I can still view the pages. Is there nothing else I should add to the pages for them to work? No include for login_functions.inc.php, for example? I'm new to this (did you guess?) so I may be missing something so obvious that it wasn't thought worth mentioning. The only mention of how to make the other pages work is this on page 354, as far as I can see: " For the Login/Logout links to work on the other pages (register.php, index.php, etc.), you’ll need to add the session_start() command to each of those. " Thanks for any help you can give me. Mat
-
So I have gone through Chapter 12 a few times. This chapter shows you how to make a login functions first using cookies and then using sessions. I have no problem with creating the login functions with the cookies method using the provided scripts with this book. However when I get to the Session section the provided scripts do not work for me. When I get to Script 12.9 things stop working for example After logging in, I am supposed to be redirected to loggedin.php, which will welcome the user by name using the stored session value. It does not happen for me. Here is my cookies website that works with books files http://www.trueacewebdesign.com/larry-php/website-login-w-cookies/index.php Here is the session files website with the books files that does not work http://www.trueacewebdesign.com/larry-php/website-login-w-sessions/index.php Here is the a zip file of all the session files that has everything in place. http://www.trueacewebdesign.com/website-login-w-sessions.zip I am still a newbie to PHP. However from my understanding I do not need to turn on any special configuration for sessions to work. Note I have successfully used sessions on the same host last month form a different book so I know its not my configuration. Did I miss a step in the book? I don’t see how that is possible since I am using the files unedited from the book. Thank you JP
- 12 replies
-
- ch.12
- script 12.9
-
(and 2 more)
Tagged with:
-
Hello All, Well I'm wrapping up the last part of this book and seem to have hit a roadblock. On the first Ch. 13 Pursue assignment that tells you to make the login form sticky, I can't seem to get it to work and I've been able to get all of the previous ones pretty quickly. I know it'll probably be something that makes me feel silly after I figure it out, but after 2 hours of mixing and rearranging code, I keep coming back to the same thing and get somewhat similar results each time. Aside from it not working properly, when I put my code in the value attribute, it shows up as code in the actual form the first and every time after you reload the page. Here is my code and any help is appreciated: <?php // Script 13.5 - login.php /* This page lets people log into the site. */ // Set two variables with default values: $loggedin = false; $error = false; // Check if the form has been submitted: if($_SERVER['REQUEST_METHOD'] == 'POST') { // Handle the form: if(!empty($_POST['email']) && !empty($_POST['password'])) { if ( (strtolower($_POST['email']) == 'me@example.com') && ($_POST['password'] == 'testpass') ) { // Correct! // Create the Cookie setcookie('Samuel', 'Clemens', time()+3600); // Indicate they are logged in: $loggedin = true; } else { // Incorrect! $error = 'The submitted email address and password do not match those on file!'; } } else { // Forgot a field. $error = 'Please make sure you enter both an email address and a password!'; } } // Set the page title and include the header file: define('TITLE', 'Login'); include('templates/header.html'); // Print an error if one exists: if ($error) { print '<p class="error">' . $error . '</p>'; } // Indicate the user is logged in, or show the form: if($loggedin) { print '<p>You are now logged in!</p>'; } else { print '<h2>Login Form</h2> <form action="login.php" method="post"> <p><label>Email Address <input type="text" name="email" value="<?php if(isset($_POST[\'email\'])){ print htmlspecialchars($_POST[\'email\']); } ?>"/></label></p> <p><label>Password <input type="password" name="password" /></label></p> <p><input type="submit" name="submit" value="Log In!" /></p> </form>'; } include('templates/footer.html'); // Need the footer. ?> I've tried messing around with the red code all sorts of ways and get different results each time. If I don't escape the post values for email then I get a unexpected 'email'(T_STRING) error. I have a feeling it has something to do with the quotes and for the fact that the form is still within php already but can't quite grasp it yet. Please help! Scatz
-
Edit: Nevermind do not worry about this thread. Apparently my action attribute for my login form should have been "index.php?p=login". When I give correct login info, it works correctly so I just need to fix the conditional for when the login info is incorrect. Okay so I tried setting up a modular website with the standard header + left sidebar, content, and right sidebar + footer. I also want to include the ability to register / login and put up a "Home | Login" or "Home | Settings" links up at the to of the header depending on whether someone is logged in or not. Now, for some reason when someone logs in successfully and the $_SESSION array is supposed to take in the data from the users table and then head to index.php, it seems that the $_SESSION array is not being set at all... it is empty. I am trying to figure out exactly what is going wrong here. Here is part of my login page: if(mysqli_num_rows($user_check_result) == 1) { //start of valid single match $_SESSION = mysqli_fetch_array($user_check_result, MYSQLI_ASSOC); //update most recent log in $last_logged_query = "UPDATE users SET last_logged_in = NOW() WHERE user_id = {$_SESSION['user_id']} LIMIT 1"; $last_logged_result = dbc_query ($dbc, $last_logged_query); if(mysqli_affected_rows($dbc) != 1) { //if one row was not affected $notes['last_logged_in_failure'] = "There was an error recording the login."; }//end of one row not being affected mysqli_free_result($user_check_result); if(isset($last_logged_result)) mysqli_free_result($last_logged_result); mysqli_close($dbc); $exit_url = BASE_URL . '/index.php'; header("Location: $exit_url"); exit(); } Also, since the else clause after this if clause is not being executed, and the page is being redirected to index.php I assume that the $_SESSION variable is being set. For some reason the redirect seems to be losing the $_SESSION array when it goes over to index.php. I even had to separate the login.php script into a login.inc.calc.php script to be executed befor ethe header.php file and a login.inc.out.php to be executed after the header.php file since a redirect has to occur before HTML output. A rar file of everything (except images) from my site (only 11kb because I just started it) is located here: http://ipredict.danconia.us/ipredict.danconia.us.rar This whole modular thing is making things a bit confusing and I'm wondering whether it's really worth it... if it might not be worth it to go back to the non-modular way of doing things. On the other hand I don't want to back down from a good challenge. Any help would be appreciated. Thank you! Edit: Also, for the record the first real line in index.php is a require('./includes/config.inc.php'); and that config file's first line is start_session(); so I just don't get why that wouldn't be occurring: /* * index.php (homepage) for http://iPredict.danconia.us * Script created by Kylan Hurt * http://kylan.danconia.us */ require('./includes/config.inc.php'); $errors = array(); $notes = array();
-
Hi ,this book are really good , simple and easy to understand , don't have any problem on understanding your words so far. I have apply to two of my project . This is not really a problem , just not sure where to start off . I was trying to improve the login system , because when the user forget to click the logout button , the session doesn't logout automatically.What i trying to do is make a session expire after 15 minutes of inactivity ? Any ideas ? [sOLVED] used this solution apply to include/config.inc.php just after the session_start() Hope this can helps $live = false; // Errors are emailed here: $contact_email = 'abc@gmail.com'; define ('BASE_URI','.'); define ('BASE_URL','www.domain.com/'); define ('MYSQL', BASE_URI . '/include/mysql.inc.php'); // Start the session: session_start(); $timeout = 15; // Set timeout minutes $logout_redirect_url = "index.php"; // Set logout URL $timeout = $timeout * 60; // Converts minutes to seconds if (isset($_SESSION['start_time'])) { $elapsed_time = time() - $_SESSION['start_time']; if ($elapsed_time >= $timeout) { $_SESSION = array(); // Destroy the variables. session_destroy(); setcookie (session_name(), '', time()-86400, '/'); // Destroy the cookie. header("Location: $logout_redirect_url"); } } $_SESSION['start_time'] = time();
-
Hi, Having a bit of a problem with regard to someone logging in on my site. It will not display Register page if I include certain files. Here is my header.php file which stores all the navigation links, and the sign-in option or to display their profile options: <body> <section class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container"> <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </a> <a class="brand text-info" href="http://www.webzoost.com" name="top">abaloo</a> <div class="nav-collapse collapse"> <ul class="nav pull-right"> <li><a href="http://www.webzoost.com/profiles/register.php">register</a></li> <li class="divider-vertical"></li> <li><a href="#">search</a></li> <li class="divider-vertical"></li> <li class="dropdown"> <?php if (isset($_SESSION['user_id'])) { echo '<a class="dropdown-toggle" href="#" data-toggle="dropdown">Your Profile <strong class="caret"></strong></a> <div class="dropdown-menu" style="padding: 15px; padding-bottom: 0px;">'; } else { echo '<a class="dropdown-toggle" href="#" data-toggle="dropdown">sign in <strong class="caret"></strong></a> <div class="dropdown-menu" style="padding: 15px; padding-bottom: 0px;">'; require ('includes/login_form.inc.php'); } ?> </div> </li> </ul> </div> </div> </div> </section> Now the problem comes when i add the following files: - login.inc.php since when i put this file in my index.php file I cannot seem to link to any other part of the website such as "register" which then throws up a blank page, but if I take out the file all-together then register displays. So what I am saying is where do I put file (login.inc.php) with-out it interfering with other links on my website, also could it be a directory issue, I know larry has his navigation in the footer, but mine is in the header.php file. here is my directory setup: index profiles - register.php includes - login.inc.php - login_form.inc.php - header.php // This is where all my navigation is, and also the login form as well. - footer.php I am now getting the following error when I only view the source code, this error is not being displayed for some reason on output to the user(I can't find an option to paste a screenshot/image of the code): An error occurred in script '/home/sites/webzoost.com/public_html/includes/header.php' on line 52:<br /> require(includes/login_form.inc.php) [<a href='function.require'>function.require</a>]: failed to open stream: No such file or directory<br /> <pre>Array<br /> Any comments, suggestions would be much appreciated. PHP5 MySQL5 Chrome
-
I have entered username and password directly in the database, now when i try to login with the data values in the default login page it shows UNKNOWN_IDENTITY error. I have printed out the error code in the log file, it shows error code is 100 which is i think is unknown identity error, the application is showing the default error which is unknown identity. Here is UserIdentity.php http://pastebin.com/emWFEwZc Here is LoginForm.php http://pastebin.com/r8WxW0CQ Here is SiteController.php http://pastebin.com/VYL3DcXV Here is login.php http://pastebin.com/0BhbhbmU
-
Hi, this is a general question based on the user registration scripts found in the back of this book. I was trying to create a single page which could call login.php and registration.php via includes() at the beginning of index.php; and then have two areas on a single page where the user could either sign up and be taken to the activation page, or where the user could login and be taken to the backend. Is there a way to do this on a single page without having to cut and paste the entirety of the two scripts (login and registration) into index.php? Is this how includes() can be used? Any advice would be welcome and appreciated.