rootKID

Hello W3S people again. once again im in a little need of help. at least to get it started, im a little lost in this matter...im in the half-way exams at this week. and we got told to make a admin system that could upload images to products... that part i (CAN) do...but here comes my problem... i dont know the part of resizing the images...any ideas or suggestions would be pretty awsome! and thats not for kidding...i just need a little help for the beginning of it, so i can see the syntax... Hoping answers or suggestions soon!... thanks alot in advance! .

it is possible to do hacking over HTML as far as i am aware of, so it should not be impossible, but as JSG said also, possible that he used an another account with higher priviliges also...

do you get any errors at all?... if no, i suggest to look at your names at your input fields, ect examble: your submit input is with the name (submitt) with 2 't's... recheck the names and on the post/variable your using to make the login query to work... EXAMPLE: <?phpif(isset($_POST['form_login_submit'])){$user = (POST)...$pass = (POST)...$email = (POST)...(QUERY HERE...)}?> you should check at (QUERY,THE IF STATEMENT,AND VARIABLES...) only examble, i dont know your coding style ...

sorry for late reply, and yes... but now i was talking about exacly this one since i did not try this one kind of stuff before to debug (error log stuff...) but pretty usefull actually...have allready finded alot of other errors in my codes... so i will fix those as a start, and then post here again when i need help with login, unless i fix it myself ... thanks for help so far! ...

ahh, sorry for misunderstanding then... i was the whole time thinking you was telling me to debug with stuff like: die/exit functions ...but i will try to check again, just with the error_log like you just have showed me... thanks ... Posting feedback tomorrow when tested...i have just got home from canarian islands... so will go to bed for night... see ya tomorrow ..

sorry for late reply, here you go now: bittorrent.phplogin.phptakelogin.phppassword_functions.php Files are all now attached ...

i just dont know what to do, and yes. i really have tried to debug.but every damn time im trying, then i am getting nofthing out from my database. that is why im confuced, and still when i login. the cookie (is) created, but im getting nofthing out from the curuser variable Oo... that is why im confuced, and yes. im still trying.but like i said, just a little bit (ALOT) confuced. and yes, i do understand what my coding is doing .just that when it come to the part of debugging. im just a little slow at finding out where to look and such.

hello again, and sorry for late reply. i have now tested the log file on the following files by doing as you told me to do by making a including file on same place as each file (root)... login.phptakelogin.phpindex.php (just to make sure anything was getting inside there at all...) and i have now attached my log file, but as i seing it. then it does not mention anything related to curuser variable as far as i can see... and next thing/question, is if the curuser is not working, (witch it isn't) but im still getting a cookie that has been created, then i suppose the cookie creation is working 100%, but creating the curuser variable does not, right?... because i have maked a if isset inside bittorrent.php menu part inside stdhead function that says if a curuser isset, then it will show a normal menu, else the not-logged in menu as you can see right now on the site... so i suppose it is only the curuser variable that does not works right now for momment being -.-'... any new ideas? ...

ok, thanks. will give the details of the log tomorrow when i have tested it, have allready maked the code... just needing to see what it has written to me,but too tired right now, so will not post feedback untill tomorrow... so see ya tomorrow with an update ... Thanks for now.

Ingolme?... why... he's on vecation down here too?... and where to be exact?.. im in Puerto Rico on a hotel called (Altamar) ... PS: you did not say if i could use it on the bittorrent.php file ...

ok thanks, will try this tomorrow.since its pretty late, and im on vecation down on gran canarian islands. and i need to go up early tomorrow. because of going to a market tomorrow, just for fun .. but i will try tomorrow, and post feedback... PS: can't i just write on bittorrent.php file, then it will affect all files anyway... and then the error.log will just get up on include folder, right?...

ok, this is what i (was) expecting it to be like to do in the beginning: a user logins in via the login page a cookie is set with something that can identify a sole user then a redirection... The redirection forces the userlogin to be called again but this time you have a cookie so it will attempt to get the data associated with what was set. and that was kinda the whole idea, and that was also what me and my coding friend was talking about, on how to make it ... EDIT: anyways.. i have added files if you wish to see what ive done so far if you wish to see for yourself, just to understand what im trying to, i will be debugging some more on the code untill tomorrow... if you find out what the heck is wrong, give me a clue where to look.... thanks dude ...

dosent matter... that was me talking black for a second i think... sorry... anyways... my new question is, what to do now... ive tried looking over all the damn code,and i just dont know what to do now since i have no ideas about what im needing/doing wrong... im clueless right now actually...

ok, just one thing/problem.. i dont know if you have seemed my website build-up way with the ftp-datails ive given...but if so, youll might have seemed inside the file bittorrent.php inside include folder that inside the function called stdhead that the menu i have builded up, its the same ive used there, the code CURUSER variable, and i have allready posted that out into the global with the examble you gave me, is it possible to do so again inside a variable Oo... just that, will they not override each other, or is that even possible when they are on each site of the function?... just asking ... PS: Will try still what you told me to, to echo everything i seem to be a thing that i should be having a look at...and then i will post about what i have finded out... .

ahh... thanks, will try to remember this kind of coding example, i did not knew how to echo it right i think since it was inside a array ... anyways... i did try as you said, and nofthing as a start... but when im trying to login again, im getting uid: 166 and pass = (MD5 STRING...) so that should be working as far as i can see... now, could it be the loggedinorreturn function?... because if it does get my login... then just why is it not putting me into the damn site... i just dont get it Oo... seems weird in a way to me...

hmm... could you give a example?... because im still a litte confuced when its comming to the bigger debugging ways... thanks.

in the bittorrent.php file in the top i have like this: /*ERROR CHECKING FOR POST,GET, AND SESSION ARRAY!*/echo "Sessions";echo "<pre>";print_r($_SESSION);echo "</pre>";echo "GET";echo "<pre>";print_r($_GET);echo "</pre>";echo "POST";echo "<pre>";print_r($_POST);echo "</pre>";echo "SERVER";echo "<pre>";print_r($_SERVER);echo "</pre>";/*ERROR CHECKING FOR POST,GET, AND SESSION ARRAY!*/ and i have activated it now online, so you will also be able to see on the test site...but what the point was of this, was to create a variable called (CURUSER) that stands for CurrentUser, and then we could be able to use it to row out stuff from the user table, and we have seemed this before in a open-source project called tbdev 09 final version, and its the exacly same coding way we are using to build up design and such on out project, just to make sure all works while we are trying some stuff out. and ive also tried to echo the variable, but im getting nofthing out of it... you can also see for yourself via FTP... ive given FTP acces via a test user ive created on my server....and backup and all are taken... so wont be a problem if we destroy the whole damn site while trying fixing it ... and right now for momment being, that is all ive tried so far...ive also tried to look into the functions, but after my little eye can spot, then all seems pretty good to me... that is why im kinda confuced where to go right now... and how i tried to solve problems so far inside the functions, was with the exit and die function... and all seems to come out right as my eye can spot it...so if you wish to try yourself with a go, then just login with ftp dude... and its late... so i will turn to bed for the day and reply tomorrow, and to see if any feedback from ya... thanks for today dude ... see ya...

yoyo w3s...im having a little trouble with my login page... here you can see the example: http://speed-scene.c...scene/login.php anyways, i allready knew about sessions and such, so i was thinking that it was time to expand my knowledge a little. so i was trying to make a login page that was using cookies to log me in, and while expanding, i was thinking that i could try it out on one of my projects on the following link i have allready given. but the trouble is that when im trying to login, then im just staying at the same page, and nofthing by then happends... here is all my login codes/pages im using: 1. bittorrent.php inside include folder from root (The functions im using to get the login thing to work...): function dbconn($autoclean = false){global $SS;if (!@mysql_connect($SS['mysql_host'], $SS['mysql_user'], $SS['mysql_pass'])){ switch (mysql_errno()) { case 1040: case 2002: if ($_SERVER['REQUEST_METHOD'] == "GET") die("<html><head><meta http-equiv='refresh' content=\"5 $_SERVER[REQUEST_URI]\"></head><body><table border='0' width='100%' height='100%'><tr><td><h3 align='center'>The server load is very high at the moment. Retrying, please wait...</h3></td></tr></table></body></html>"); else die("Too many users. Please press the Refresh button in your browser to retry."); default: die("[" . mysql_errno() . "] dbconn: mysql_connect: " . mysql_error()); }}mysql_select_db($SS['mysql_db']) or die('dbconn: mysql_select_db: ' . mysql_error());//mysql_query("SET NAMES utf8");mysql_set_charset('utf8');userlogin();if ($autoclean) register_shutdown_function("autoclean");} /*LOGIN FUNCTIONS*/function sqlesc($x) {return "'".mysql_real_escape_string($x)."'";}function mkglobal($vars) {if (!is_array($vars))$vars = explode(":", $vars);foreach ($vars as $v) {if (isset($_GET[$v])) $GLOBALS[$v] = unesc($_GET[$v]);elseif (isset($_POST[$v])) $GLOBALS[$v] = unesc($_POST[$v]);else return 0;}return 1;}function set_mycookie( $name, $value = "", $expires_in = 0, $sticky = 1 ){ global $SS; if ( $sticky == 1 ){ $expires = time() + 60*60*24*365;} else if ( $expires_in ) { $expires = time() + ( $expires_in * 86400 ); } else { $expires = FALSE; } $SS['cookie_domain'] = $SS['cookie_domain'] == "" ? "" : $SS['cookie_domain']; $SS['cookie_path'] = $SS['cookie_path'] == "" ? "/" : $SS['cookie_path']; if ( PHP_VERSION < 5.2 ) { if ( $SS['cookie_domain'] ) { @setcookie( $SS['cookie_prefix'].$name, $value, $expires, $SS['cookie_path'], $SS['cookie_domain'] . '; HttpOnly' ); } else { @setcookie( $SS['cookie_prefix'].$name, $value, $expires, $SS['cookie_path'] ); }}else{ @setcookie( $SS['cookie_prefix'].$name, $value, $expires, $SS['cookie_path'], $SS['cookie_domain'], NULL, TRUE );}}function logincookie($id, $passhash, $updatedb = 1, $expires = 0x7fffffff){set_mycookie( "uid", $id, $expires );set_mycookie( "pass", $passhash, $expires );if ($updatedb) @mysql_query("UPDATE users SET last_login = ".TIME_NOW." WHERE id = $id");}function logoutcookie() {set_mycookie('uid', '-1');set_mycookie('pass', '-1');}function loggedinorreturn() {global $CURUSER, $SS;if (!$CURUSER){ header("Location: {$SS['baseurl']}/login.php?returnto=" . urlencode($_SERVER["REQUEST_URI"])); exit();}}function get_mycookie($name){global $SS; if (isset($_COOKIE[$SS['cookie_prefix'].$name]) AND !empty($_COOKIE[$SS['cookie_prefix'].$name])) { return urldecode($_COOKIE[$SS['cookie_prefix'].$name]); } else { return FALSE; }}function userlogin() {global $SS;unset($GLOBALS["CURUSER"]);$ip = getip();$nip = ip2long($ip);require_once "cache/bans_cache.php";if(count($bans) > 0){foreach($bans as $k) { if($nip >= $k['first'] && $nip <= $k['last']) { header("HTTP/1.0 403 Forbidden"); print "<html><body><h1>403 Forbidden</h1>Unauthorized IP address. Please, piss off... you had your chance.</body></html>\n"; exit(); }}unset($bans);}if (!$SS['site_online'] || !get_mycookie('uid') || !get_mycookie('pass'))return;$id = 0 + get_mycookie('uid');if (!$id || strlen( get_mycookie('pass') ) != 32)return;$res = mysql_query("SELECT * FROM users WHERE id = $id AND enabled='yes' AND status = 'confirmed'");// or die(mysql_error());$row = mysql_fetch_assoc($res);if (!$row)return;if (get_mycookie('pass') !== $row["passhash"])return;mysql_query("UPDATE users SET last_access='" . TIME_NOW . "', ip=".sqlesc($ip)." WHERE id=" . $row["id"]);// or die(mysql_error());$row['ip'] = $ip;$GLOBALS["CURUSER"] = $row;}/*LOGIN FUNCTIONS*/ 2. this is my password_functions.php file inside include folder from root: <?phpfunction mksecret($len=5){ $salt = ''; for ( $i = 0; $i < $len; $i++ ) { $num = rand(33, 126); if ( $num == '92' ) { $num = 93; } $salt .= chr( $num ); } return $salt;} function make_passhash_login_key($len=60){ $pass = mksecret( $len ); return md5($pass);} function make_passhash($salt, $md5_once_password){ return md5( md5( $salt ) . $md5_once_password );} function make_password(){ $pass = ""; $unique_id = uniqid( mt_rand(), TRUE ); $prefix = mksecret(); $unique_id .= md5( $prefix ); usleep( mt_rand(15000,1000000) ); mt_srand( (double)microtime()*1000000 ); $new_uniqueid = uniqid( mt_rand(), TRUE ); $final_rand = md5( $unique_id.$new_uniqueid ); mt_srand(); for ($i = 0; $i < 15; $i++) { $pass .= $final_rand{ mt_rand(0, 31) }; } return $pass; }?> 3. this is my login.php file from root: <?phprequire_once("include/bittorrent.php");echo stdhead("Login");?> <form method="post" action="takelogin.php"><table class="login_table" align="center" border="1"><tr><td>Username</td><td><input type="text" name="username" id="username" size="35" /></td></tr><tr><td>Password</td><td><input type="password" name="password" id="password" size="35" /></td></tr><tr><td align="center" colspan="2"><input type="submit" name="login_submit" value="Login Now!" /></td></tr></table></form> <?phpecho stdfooter();?> 4. and at last, this is my takelogin.php file from root: <?phprequire_once 'include/bittorrent.php';require_once "include/password_functions.php";echo stdhead("Login");if (!mkglobal('username:password'))die();dbconn();$lang = array_merge(load_language('takelogin'));$res = mysql_query("SELECT id, passhash, secret, enabled FROM users WHERE username = " . sqlesc($username) . " AND status = 'confirmed'");$row = mysql_fetch_assoc($res);if (!$row)stderr($lang['tlogin_failed'], 'Username or password incorrect');if ($row['passhash'] != make_passhash($row['secret'], md5($password)))stderr($lang['tlogin_failed'], 'Username or password incorrect');if ($row['enabled'] == 'no')stderr($lang['tlogin_failed'], $lang['tlogin_disabled']);logincookie($row['id'], $row['passhash']);header("Location: {$SS['baseurl']}/index.php");echo stdfooter();?> and now to the big question, what the heck is wrong since i cannot login?... ideas where to check... it seems for my eye that i cannot see where to edit, since its all looking pretty well for both me and 1 other guys online i am coding with sometimes ... but the login does not work, so it is obviously that the codes does not either...but in anyways... i would be very much happy if anyone in here could tell me where to have my eyes on... thanks alot! ... PS: if wish to see the whole project, then you can use the following .FTP user to grand acces to the server and read the files, just in case you need more information.. HOST: blackbitt.comUSER: ftp_reader@blackbitt.comPASS: Reader1PORT: 21 bittorrent.php file is the main design to the whole site, and all my functions. in this way i have maked a Global Based design... Hoping you guys once more can guid me on to the right road again, thanks alot in advance! ...

haha... lol, ive founded the proble,... thanks again ...

hello guys, sorry for late reply as useally... i was busy doing job on outside my country... but im home for wednesday and then i have 3 weeks vecation time off ... anyways, i have handled the proble,... but thanks for looking... and like i said earlier... will try to hear a little more... .

thanks. that helped alot! ...

as a example, then i have to type like so with image inside the restriction like so: || ($_FILES["file"]["type"] == "image/jpeg") now, notice just right the /jpeg, there is a word (image)... now, my question is that if i need to code a forum ect, and they should be able to upload .PHP files orr .TORRENT Files ect, what is the syntax for that?... is that just script and torrent i should replace with image? or what?...

hello w3schools again, i just have a question this time .today i was trying to adding a upload script to my personal website . by following this tutorial: http://www.w3schools.com/php/php_file_upload.asp so here is my question.if im doing the saving part ''with'' the restrictions on it. what is the syntax for uploading a .torrent/.php/.html/ect file... i mean, before a filetype, there is somfthing that needs to be typed, like now, (image) ect...what is the syntax for making the part of a PHP and TORRENT file. thanks in advance.Hoping answers soon.

hmm. ok... thanks... will try to see if i can find my error at php.net and post back if i could find somfthing, .

sorry for late reply, and yeah... sorry... will try to hear a little more... the problem is that i have it into my soul to forget about stuff sometimes ... and by the way, why i do know i have connection to db, is because of that i have a signup page connected also ... and now i have tried with mysql error... and stupid me as allways... it was the SQL... no table name with the name user_login... the name should be users...and i think its working now... but one question more... when i hit enter and try to login... then its sending me to a page called succes_loader.php...and it does it even when im failing... where to put it in so it only does it when succes?... CODE: /*TEST #2*/if(isset($_POST['login_submit'])){$uname = $_POST['username']; //Form Name...$pass = $_POST['password']; //Form Name...if(isset($uname_checker)){$uname_stripped = strip_tags($uname);$pass_stripped = strip_tags($pass);}else{$error_login_text = "Unknown username or password!...";}$query="SELECT * FROM users WHERE username ='$uname_stripped' && password='$pass_stripped'";$result=mysql_query($query)or die(mysql_error());//running query...$row = mysql_fetch_array($result); $_SESSION['uid'] = $row['user_id'];$_SESSION['user_name'] = $row['username'];$_SESSION['user_password'] = $row['password'];$_SESSION['u_email'] = $row['user_email'];echo "<fieldset><legend>Login Error!</legend>$error_login_text</fieldset><br>";header('location:succes_loader.php?login_checker=1');}//End login_submit./*TEST #2*/ thanks in advance! ...