Jump to content
  • Announcements

    • boen_robot

      Guidelines and Netiquette   03/28/2017

      Posting Problems:   Having problems posting your topic? Read through this: To join, you agree to our terms and conditions and fill out and submit a registration form. An activation email will be sent to your email adress, so you'll need to verify your account. After that the account has to be validated by one of the moderators. This will mean that it can take up to a day to be activated. A couple of things to remember to ensure approval: Don't use an email address in one of those $2 four character .com domains eg. xyds.com. These will be deleted and the domain added to the banned list. Don't use an email address that is within a domain with a bad reputation for spam. A Google search is run on every email address and email domain. Don't sign up with an email address that doesn't exist, doesn't work or requires the sender to answer a quiz before their email can get to you. Put your country and or state and city in the signup form. Blank forms will go to the botton of the "to do" list. And make sure that your email address and your country match, saying you're from Alabama and using a .ru email address is not going to get you activated. After a membership is activated the first few posts will be monitored. Posting spam or unapproved topics described in the agreement results in an immediate ban. The email provider and the IP addresses associated with the account will be banned and all posts will be deleted. These strict measures have been deemed necessary to hinder spam. Sorry for any inconvenience this causes, but it's not liable to change. If, after reading this, you still can't post and don't understand why, contact one of the Moderators listed here.   Topic Guidelines   Including the following information can expedite an accurate response from board members: Must be a Specific Problem or Question related to web design and development Include Code in Question (wrap with   for small blocks of code and for longer blocks   ) Include Code Author Include Extra Notes/Modifications/Attempts Include web link to page/file when possible Content Guidelines   You may not post, upload, link to, or email any Content that contains, promotes, gives instruction about, or provides prohibited Content. Prohibited Content includes any Content that breaks any local, state, county, national or international law. Prohibited Content also includes: No direct or indirect advertising or websites, forums, products, services No hijacking of posts (do not post your question in someone elses) Content that infringes upon any rights [ex. MP3s and ROMs] (including, but not limited to, copyrights and trademarks) Abusive, threatening, defamatory, racist, or obscene Viruses or any other harmful computer software False Information or libel Spam, chain letters, or Pyramid schemes Gambling or Illicit drugs Terrorism Hacking or cheating for internet/online games Warez, Roms, CD-Keys, Cracks, Passwords, or Serial Numbers Pornography, nudity, or sexual material of any kind Excessive profanity Invasive of privacy or impersonation of any person/entity Hacking materials or information Posting Tips   There are more BBcodes than there are buttons for on the reply menu. To get the full list, click "BB Code Help" underneath the clickable smilie face menu. Use   for small snippets of code Use   for lengthy snippets of code Use   if your snippet is HTML (optional) Use   if your snippet is SQL (optional) Rules of Conduct   Be nice. There's no need for calling someone stupid if they ask an 'easy' question. Keep your avatars and signatures absolutely child friendly. We have a younger audience on this forum. Keep your language appropriate for the same reason above. Do not PM moderators for help on the forum. Post on the topic, or create a new one.   Spam:   Recently, as you have all without doubt noticed, we have had lots of spam and advertisement on the forum. Therefore, we'd like to alert you as to what to do when you have found any of the aforementioned annoying messages: it. Immediately. Give a clear reason, please, if the advertising is not evident. DO NOT POST! Report, let the post stay as is, and we will get to it, meanwhile if you continue to post as normal in the other threads, it won't be on the top so long. Refrain from PMing the member. This won't help at all, as they are most likely spambots anyway. Thank you.       Images in signatures:   After thinking of users on dial-up, we have decided to enforce the following rules regarding signatures. Please pay heed to them. Respecting these rules is respecting the members on this forum with dial-up. Signature rules: No animated images AT ALL. No matter the amount of animation. Maximum image widthxheight: 300x150 Maximum image (file) size: 15kb Use calm colors. Do not use highly contrasting images in your signature, as this can get really annoying when seeing several posts from one member in the same thread. The same prohibited content goes for images as for posts. Lastly, use common sense. No lengthy signatures please. Save us some scrolling. Thank you.       Links in signatures:   Please understand that w3schools.com only exists because of voluntary work and is barely supported by the advertising littered throughout the tutorials and the forum. So, please, stop advertising other sites. DO not post links that drive traffic away from the w3schools domain - especially to a site that offers similar if not identical information. Please help support the site by keeping individuals on it. Thank you. Here are some guidelines as to what you can put in your signature: w3schools links --> allowed w3.org links --> allowed browser links --> allowed html editor links --> allowed personal sites --> allowed tutorial sites competing with w3schools --> NOT allowed sites completely irrelevant to webprogramming and this forum --> NOT allowed   Thanks for understanding, and for taking the time to read this. ~W3Schools Modstaff~
Html

Php.ini file?

Recommended Posts

I pasted that bit of code from Justsomeguy, it didn't actually do anything, it stopped the page from working, so I removed it.

Share this post


Link to post
Share on other sites

basic login authentication, using a array to store user data as a temporary measure. edit script from Wrox PHP book. This does not include adding users, as i said, it uses a array. and the code will completely different.

profile.page: with included authentication script, and array script

<?php
include 'auth_inc.php';
include 'standInForDatabase.php';
?>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <meta name="viewport" id="viewport" content="target-densitydpi=high-dpi,initial-scale=1.0,user-scalable=no" />
        <title>Template Page</title>
        <script type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script>
        <script  type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js"></script>
        <script type="text/javascript">

        </script>
        <style type="text/css">
            .topLogOut {position: fixed; right: 0; top:0;margin: 15px;}
            #wrapper {width: 60%; margin: 0 auto;}
        </style>
    </head>
    <body>
        <div id="wrapper">
            <div class="topLogOut"><form action="logout.php" method="get">
                    <input type="hidden" name="redirect" value="<?php $_SERVER['PHP_SELF']; ?>">
                    <input type="submit" value="Logout">
                </form></div>
            <h1> Welcome logged in user "<?php echo $userArray[$user_id][1]; ?>" to the Profile template page</h1>
            <p>Name: <?php echo $userArray[$user_id][1]; ?></p>
            <p>Email <?php echo $userArray[$user_id][3]; ?></p>
            <div><h2>Comment</h2><?php echo $userArray[$user_id][4]; ?></div>
        </div>
    </body>
</html>

auth.inc.php

<?php
session_start();
if (isset($_SESSION['logged']) && $_SESSION['logged'] == 1) {
    //do nothing
} else {
    $redirect = $_SERVER['PHP_SELF'];
    $_SESSION['redirect'] = $_SERVER['PHP_SELF'];
    header('Location: login.php?redirect=' . $redirect);
    /* header('Refresh: 5; URL=login.php?redirect=' . $redirect);
      echo 'You are being redirected to the login page!<br>';
      echo 'If your browser doesn\'t support this, <a href="login.php?redirect=' . $redirect . '">Click here</a>'; */
    die();
}
?>

standInForDatabase.php

$userArray = [
    [5, 'wroxbooks', 'wroxbooks', 'wroxbooks@wroxbooks.com', '<p>Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.</p>'],
    [11, 'thatbook', 'thatbookp', 'thatbook@thatbook.com', '<p>Fusce convallis, mauris imperdiet gravida bibendum, nisl turpis suscipit mauris, sed placerat ipsum urna sed risus. In convallis tellus a mauris. Curabitur non elit ut libero tristique sodales. Mauris a lacus. Donec mattis semper leo. In hac habitasse platea dictumst. Vivamus facilisis diam at odio. Mauris dictum, nisi eget consequat elementum, lacus ligula molestie metus, non feugiat orci magna ac sem. Donec turpis. Donec vitae metus. Morbi tristique neque eu mauris. Quisque gravida ipsum non sapien. Proin turpis lacus, scelerisque vitae, elementum at, lobortis ac, quam. Aliquam dictum eleifend risus. In hac habitasse platea dictumst. Etiam sit amet diam. Suspendisse odio. Suspendisse nunc. In semper bibendum libero.</p>'],
    [43, 'otherbook', 'otherbookp', 'otherbook@otherbook.com', '<p>Proin nonummy, lacus eget pulvinar lacinia, pede felis dignissim leo, vitae tristique magna lacus sit amet eros. Nullam ornare. Praesent odio ligula, dapibus sed, tincidunt eget, dictum ac, nibh. Nam quis lacus. Nunc eleifend molestie velit. Morbi lobortis quam eu velit. Donec euismod vestibulum massa. Donec non lectus. Aliquam commodo lacus sit amet nulla. Cras dignissim elit et augue. Nullam non diam. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. In hac habitasse platea dictumst. Aenean vestibulum. Sed lobortis elit quis lectus. Nunc sed lacus at augue bibendum dapibus.</p>']];

if (isset($_SESSION['user_id']) && !empty($_SESSION['user_id'])) {
    foreach ($userArray as $key => $row) {

        if ($userArray[$key][0] == $_SESSION['user_id']) {

            $user_id = $key;
        }
    }
}

login.php

<?php
session_start();
$_SESSION['logged'] = 0;

include 'standInForDatabase.php';

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    if (isset($_POST['submit'])) {
        foreach ($userArray as $key => $value) {

            if ($userArray[$key][1] === $_POST['username'] && $userArray[$key][2] === $_POST['password']) {
                //$user_id = $key;
                $_SESSION['user_id'] = $userArray[$key][0];

                $arrayUsername = $userArray[$key][1];
                $arrayPassword = $userArray[$key][2];


                break;
            }
        }
        if ($arrayUsername === $_POST['username'] && $arrayPassword === $_POST['password']) {
            $redirect = $_POST['redirect'];
            $_SESSION['logged'] = 1;

            header('Location:' . $redirect);
            /* header('Refresh: 5; URL=' . $_POST['redirect'] . '');
              echo 'You are being redirected to your original page request!<br>';
              echo 'If your browser doesn\'t support this, <a href="' . $_POST["redirct"] . '">Click here</a>'; */
        } else {
            $redirect = $_POST['redirect'];
            $htmlinvalid = <<<INVALIDLOGINHTML
               <!DOCTYPE html>
                <html>
                    <head>
                        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
                        <meta name="viewport" id="viewport" content="target-densitydpi=high-dpi,initial-scale=1.0,user-scalable=no" />
                        <title>Invalid logon</title>
                        <script type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script>
                        <script  type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js"></script>
                        <script type="text/javascript">

                        </script>
                        <style type="text/css">

                        </style>
                    </head>
                    <body>
                        <div>
                            <p>Invalid Username and/or Password</p>
                            <form action="login.php" method="post">
                                <input type="hidden" name="redirect" value="$redirect">
                                <p><input type="text" name="username"></p>
                                <p><input type="password" name="password"></p>
                                <p><input type="submit" name="submit" value="Login"></p>
                            </form>
                        </div>
INVALIDLOGINHTML;
            echo $htmlinvalid;
        }
    }
} else {
    if ($_SERVER["REQUEST_METHOD"] == "GET") {
        $redirect = $_GET['redirect'];
    } else {
        $redirect = 'index.php';
    }
    ?>
    <!DOCTYPE html>

    <html>
        <head>
            <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
            <meta name="viewport" id="viewport" content="target-densitydpi=high-dpi,initial-scale=1.0,user-scalable=no" />
            <title>Valid Login required</title>
            <script type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script>
            <script  type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js"></script>
            <script type="text/javascript">

            </script>
            <style type="text/css">

            </style>
        </head>
        <body>
            <div>
                <p>You must be logged on to view this page</p>
                <form action="login.php" method="post">
                    <input type="hidden" name="redirect" value="<?php echo $redirect; ?>">
                    <p><input type="text" name="username"></p>
                    <p><input type="password" name="password"></p>
                    <p><input type="submit" name="submit" value="Login"></p>
                </form>
            </div>
            <?php
        }
        ?>

    </body>
</html>

logout.php

<?php

session_start();
$redirect = $_SESSION['redirect'];
// Delete certain session
//unset($_SESSION['username']);
// Delete all session variables

session_destroy();

// Jump to login page
header('Location: ' . $redirect);

As you can see the passing of data from one to other pages, uses POST & GET from forms and links, as well as sessions.

Share this post


Link to post
Share on other sites

I pasted that bit of code from Justsomeguy, it didn't actually do anything, it stopped the page from working, so I removed it.

It's an example, I don't expect you to just copy and paste any code I write.  You should look at the code to understand what it's doing, that's what I'm trying to illustrate.  Like I mentioned in that post, "if you have a PDO object connected to your database" then that's one way you might list accounts.  If you haven't created a PDO object and connected it to your database before you tried to run that code, or if your database doesn't have the structure that code expects, then it's not going to work.  That's why I want you to understand the concept instead of just copying and pasting code into your project.

Share this post


Link to post
Share on other sites

Right, I thought that was the key to the problem.

 So now the login page requires the code he has pasted, catered to what I have there or use that and edit it.

 

Share this post


Link to post
Share on other sites

Okay, that wasn't any help.

I wanted to inquire, what about secure transfer for data, like a secure connection. I don't have one of those on the host I am using.

 

Share this post


Link to post
Share on other sites

Hmm, so what can you inform on this, what do I need to do to have a padlock for just simply registering to begin with, that wasn't on the free host or the paid host I am using.

Share this post


Link to post
Share on other sites

I can't speak to your particular host, but in general you create a certificate signing request on your server, then buy a certificate with the CSR from a reputable certificate authority, and when you get the certificate from the CA you install it on your server.  That will allow your server to encrypt traffic.  It is not possible to do this on a web server that serves multiple domains from the same IP address, only one of those domains can have a certificate on it (or, more specifically, it will try to encrypt all traffic using a certificate for a single domain).  So each secured domain needs a dedicated IP address.

Share this post


Link to post
Share on other sites

Ah I see,

The host I use, has a plan for £50 for a year or something. I use a basic £11.39p hosting per month, only when I can, so I have to cancel if I don't have that amount. So this certificate authentication isn't really cheap, it is separate from a package. The free host I use is ad based, and just for the testing, has no real features, sub domains, but that is it, free forum packages and all that, but pretty pointless in learning php 7/mysql.

Obviously I'm trying to create an account registration site, so something really basic like I've stated in the previous posts, sadly I can't get anywhere with this.

The whole certificate cost is out of the question, I can only just try and make the site work. I'm stuck with that.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×