Jump to content

divinedesigns1
 Share

Recommended Posts

<?php// Start Session to enable creating the session variables below when they log insession_start();// Force script errors and warnings to show on page in case php.ini file is set to not display themerror_reporting(E_ALL);ini_set('display_errors', '1');//-----------------------------------------------------------------------------------------------------------------------------------// Initialize some vars$errorMsg = '';$username = '';$password = '';$remember = '';if (isset($_POST['user'])) { $username = $_POST['user']; $password = $_POST['pass']; if (isset($_POST['remember'])) { $remember = $_POST['remember']; } $username = stripslashes($username); $password = stripslashes($password); $username = strip_tags($username); $password = strip_tags($password); // error handling conditional checks go here if ((!$username) || (!$password)) { $errorMsg = 'Please fill in both fields'; } else { // Error handling is complete so process the info if no errors include_once("php/config.php"); $username = mysqli_real_escape_string($con, $username); // After we connect, we secure the string before adding to query //$pass = mysql_real_escape_string($pass); // After we connect, we secure the string before adding to query $password = md5($password); // Add MD5 Hash to the password variable they supplied after filtering it // Make the SQL query $sql = "SELECT * FROM login WHERE user='$username' AND pass='$password'"; if(!$sql){ die('Connect Error: ' . mysqli_connect_error()); } $result = mysqli_query($con, $sql); $login_check = mysqli_num_rows($result); // If login check number is greater than 0 (meaning they do exist and are activated) if($login_check > 0){ while($row = mysqli_fetch_array($result)){ $id = $row["id"]; $_SESSION['id'] = $id; // Create the idx session var $_SESSION['idx'] = base64_encode("g4p3h9xfn8sq03hs2234$id"); // Create session var for their username $username = $row["user"]; $_SESSION['user'] = $username; // Create session var for their password $userpass = $row["pass"]; $_SESSION['pass'] = $password; } // close while // Remember Me Section if($remember == "yes"){ $encryptedID = base64_encode("g4enm2c0c4y3dn3727553$id"); setcookie("idCookie", $encryptedID, time()+60*60*24*100, "/"); // Cookie set to expire in about 30 days setcookie("passCookie", $password, time()+60*60*24*100, "/"); // Cookie set to expire in about 30 days } // All good they are logged in, send them to homepage then exit script header("location:home.php"); exit(); } else { // Run this code if they do not exist $errorMsg = "Username or Password Is Incorrect!!!"; } } // Close else after error checks} //Close if (isset ($_POST['uname'])){?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>Administrator</title></head><body><div id="wrapper"><br /><br /><table width="400" align="center" cellpadding="6" style="background:url(images/login.png); background-repeat:no-repeat; border:#d8d2c9 1px solid;"> <form action="index.php" method="post" enctype="multipart/form-data" name="signinform" id="signinform"> <tr> <td width="26%"><font size="+2" style="color:#b1a593;">Log In</font></td> <td width="74%" align="left" valign="top"><font color="#900000" style="margin:0px; padding:0px;"><?php print "$errorMsg"; ?></font></td> </tr> <tr> <td align="right"><strong style="color:#CCC;">Username:</strong></td> <td><input name="user" type="text" id="user" style="width:60%;" /></td> </tr> <tr> <td align="right"><strong style="color:#CCC;">Password:</strong></td> <td><input name="pass" type="password" id="pass" maxlength="24" style="width:60%;"/></td> </tr> <tr> <td align="right"> </td> <td><input name="remember" type="checkbox" id="remember" value="yes" checked="checked" /> Remember Me</td> </tr> <tr> <td> </td> <td><input name="myButton" type="submit" id="myButton" value="Sign In" style="color:#fff; background:#666; padding:2px; font-size:16px;"/></td> </tr><br /> </form></table><br /><br /></div></body></html>

Edited by DDs1
Link to comment
Share on other sites

HeyDDs, What's being displayed as the error(s)?
hey don E, sorry about that i had edit the post to update the code and i guess i deleted the error alsobut its was saying that it can not modify the header, the header was already sending output on line 65 66 and 69
Link to comment
Share on other sites

this is the error im getting don E, i though i fixed it but not sure some reason its showing up again

Warning: Cannot modify header information - headers already sent by (output started at /home/content/14/8709614/html/newssystem/admin/php/config.php:11) in /home/content/14/8709614/html/newssystem/admin/index.php on line 61Warning: Cannot modify header information - headers already sent by (output started at /home/content/14/8709614/html/newssystem/admin/php/config.php:11) in /home/content/14/8709614/html/newssystem/admin/index.php on line 62Warning: Cannot modify header information - headers already sent by (output started at /home/content/14/8709614/html/newssystem/admin/php/config.php:11) in /home/content/14/8709614/html/newssystem/admin/index.php on line 65
Edited by DDs1
Link to comment
Share on other sites

What is on those lines?Anyway... make sure "php/config.php" doesn't output anything - that it doesn't have any whitespace or anything before "<?php". That's about the only possible problem I can think of.

Link to comment
Share on other sites

What is on those lines? Anyway... make sure "php/config.php" doesn't output anything - that it doesn't have any whitespace or anything before "<?php". That's about the only possible problem I can think of.
so even if its in an include file with whitespace it wouldnt work? ok ill try that, also im having a problem displaying some content to edit and delete a certain topic, it works fine with on my host but on the person host it doesnt :glare: i even test it to make sure that its connecting to the database which it is, but when i try it on my other pc with a wamp server its saying its fail to connect due to period of response time, so i check the other pages and that didnt happen. any tip on how to solve this problem? and yes i also placed an if(!$con){} statement below the connections information.and i also did a var_dump(); and a print_r(); on the query, which nothing displayed nothing :glare: this is annoying me, because i took about a month to get this thing working ( btw this was just a update i wanted to do, so the person didnt mind the long wait for it, since i had the website up and running )
Link to comment
Share on other sites

What do you mean "i also did a var_dump(); and a print_r(); on the query, which nothing displayed nothing"? var_dump() in particular can NEVER display nothing. It always displays something... "bool(false)" or "string(0) """ at least.

Link to comment
Share on other sites

What do you mean "i also did a var_dump(); and a print_r(); on the query, which nothing displayed nothing"? var_dump() in particular can NEVER display nothing. It always displays something... "bool(false)" or "string(0) """ at least.
i mean normally when i do a var_dump(); or a print_r(); i normally get the value that is being inputted but this time nothing like that showed upbut i think this is happening because of the database im actually using, because when i try to connect to my database on my host, it say can not connect to XYZ through this sock, so when i look it up its saying if i want to connect to another database besides the one the person website is currently on i need to do create a file, which i find to be stupid, sorry i perfer everything to work one way without the complication. if you get what im saying
Link to comment
Share on other sites

Seeing something you are not expecting, when there are problems, using var_dump(), is the very idea behind using this function in the first place. If you knew what value you'll be getting, you're not doing any debugging.The question is what is that other thing you're getting? The thing when you're getting nothing like what you normally get. It is based on that information that you can find out what the error is and how to fix it.For connecting to a different database... perhaps your host has a cPanel or something, from which you can create a new DB, and then you would be able to connect to it?

Link to comment
Share on other sites

The question is what is that other thing you're getting? The thing when you're getting nothing like what you normally get. It is based on that information that you can find out what the error is and how to fix it.
imma have to do the var_dump(); again to tell you what exactly i normally get
For connecting to a different database... perhaps your host has a cPanel or something, from which you can create a new DB, and then you would be able to connect to it?
yeah im able to create a new db on the same host, but since im using joomla until im able to create my own cpanel. according to joomla documents you have to create a file which forces the connection to the new database ( which is stupidddd to me ) but maybe they have their own reason why they did that, so i have the administrator files outside of the joomla folder, and here is where problem of pulling out the info starts, or connecting to another db outside of that cpanel. so im going to start learning how to create a cpanel this week :).but for now i made the edit and delete option disable until i figure a way around this, because i dont want to place the administrator files into the joomla file (might cause a problem )
Link to comment
Share on other sites

ok i normally get the string but this time i got a bool(false), this means my query is incorrect or my connection isnt connecting?

Link to comment
Share on other sites

yeah im able to create a new db on the same host, but since im using joomla until im able to create my own cpanel.
cPanel is not the same thing as joomla. Joomla is a CMS - it's about managing site content. cPanel is about managing server settings.According to joomla's docs on the subject, all you need to do is alter your configuration.php file appropriately, not create a new file.
Link to comment
Share on other sites

ok i normally get the string but this time i got a bool(false), this means my query is incorrect or my connection isnt connecting?
Find out by also doing var_dump($con). If that's bool(false), then the connection failed.Speaking of which:
$sql = "SELECT * FROM login WHERE user='$username' AND pass='$password'";if(!$sql){die('Connect Error: ' . mysqli_connect_error());}

That's pointless. $sql is always a non empty string, so this if will never be entered. Plus, you're not even detecting a connection error here.

Link to comment
Share on other sites

Find out by also doing var_dump($con). If that's bool(false), then the connection failed. Speaking of which:
$sql = "SELECT * FROM login WHERE user='$username' AND pass='$password'";if(!$sql){die('Connect Error: ' . mysqli_connect_error());}

That's pointless. $sql is always a non empty string, so this if will never be entered. Plus, you're not even detecting a connection error here.

i fixed it, after i went and google bool(false); and i had to include the missing rows of the table, so now i can enable delete and edit for the users. thanks a lot boen, now to try that header(); again
Link to comment
Share on other sites

ok its working on the logout but when logging in, still getting the same error

Warning: Cannot modify header information - headers already sent by (output started at /home/content/t/a/r/targetme/html/admins/php/config.php:10) in /home/content/t/a/r/targetme/html/admins/index.php on line 62
do i need to make sure no space at all is in the script where the header(); is in?
Link to comment
Share on other sites

Yes. As the error message tells you

output started at /home/content/t/a/r/targetme/html/admins/php/config.php:10
So line 10 of config.php is outputting something. Stop it from doing so. BTW, why would you ever output anything at a config.php file?
Link to comment
Share on other sites

Yes. As the error message tells you So line 10 of config.php is outputting something. Stop it from doing so. BTW, why would you ever output anything at a config.php file?
besides the IF statement which say if theres a error with the config.php file or not.besides that there's nothing else outputting there
Link to comment
Share on other sites

Is that at line 10 by any chance? If not, what is on line 10?
i got it fixed, dont laugh but there was a whitespace after the closing php tabs, like this <?php blahd blah blah ?> <--that space between the 2 arrows smh seriously? thats veryyyyy sensitive
Link to comment
Share on other sites

To avoid that in the future, you can simply omit the "?>" at the end of pure PHP files, such as config.php.

Link to comment
Share on other sites

that space between the 2 arrows smh seriously? thats veryyyyy sensitive
it's not being "sensitive", it's following the rules. The PHP documentation specifically says that anything that is outside of PHP tags, no matter what it is, is not handled by the PHP engine and is sent directly to the web server as output. It's up to you, not PHP, to make sure your files and code are correct. Don't blame PHP when there are problems in your code.
Link to comment
Share on other sites

it's not being "sensitive", it's following the rules. The PHP documentation specifically says that anything that is outside of PHP tags, no matter what it is, is not handled by the PHP engine and is sent directly to the web server as output. It's up to you, not PHP, to make sure your files and code are correct. Don't blame PHP when there are problems in your code.
i was not blaming php for any problems in my codes, normally i accept your opinions but this is one i shall not accept.
Link to comment
Share on other sites

To avoid that in the future, you can simply omit the "?>" at the end of pure PHP files, such as config.php.
ok thanks, ill try that next time, didnt notice i had a white space there, thanks for the help, greatly appreciate it
Link to comment
Share on other sites

i was not blaming php for any problems in my codes, normally i accept your opinions but this is one i shall not accept.
What he says isn't really an opinion... strictly speaking, the computer is... strictly speaking :lol: . That's all.When you see something you find "disturbing" in some way, do what I do - read it out in the voice (and pace) of a British comedian (any comedian: Eddie Izzard, Dara O'Briain, Frankie Boyle... doesn't matter), and see if it funny in any way. If it is, chances are that it has a point.

I used Ed Byrne for his post above (simply because I watched him yesterday), and let me tell you, I literally LOLed - it's THAT funny.

Link to comment
Share on other sites

What he says isn't really an opinion... strictly speaking, the computer is... strictly speaking :lol: . That's all. When you see something you find "disturbing" in some way, do what I do - read it out in the voice (and pace) of a British comedian (any comedian: Eddie Izzard, Dara O'Briain, Frankie Boyle... doesn't matter), and see if it funny in any way. If it is, chances are that it has a point.

I used Ed Byrne for his post above (simply because I watched him yesterday), and let me tell you, I literally LOLed - it's THAT funny.

hehe, im not upset or anything, it was just a simple mistake, n that was just uncalled for considering everyone makes mistake, hehehe i dont do comedian cant find the fun in them well besides kevin harts or w.e that short dude name lol
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...