terrordinky Posted November 19, 2018 Share Posted November 19, 2018 Hello people, Im stuck for a long time, I have an what older login system on my site but it had mysql but now i wanted to upgrade it to mysqli. I've came litlle by litlle bit of searcing this far but it still got error's. I really want it to work again beacause i use it on all my sites. Code: <?php // Een beveiliging om te voorkomen dat men in je header.php probeert te openen. if(basename($_SERVER['PHP_SELF']) == "header.php") { header("Location: index.php"); } // Configuratie laden include_once('config.php'); // We maken eerst een classe aan class login { // Variabelen private $loginsessie = false; public $fouten = ""; private $gebruikers_info = array(); public $database_velden = array(); private $recheck = 0; // Deze functie wordt aangeroepen bij het laden van de classe public function __construct() { // maak verbinding met de database, als het niet lukt breek het af $con = mysqli_connect(mysql_host, mysql_user, mysql_password, mysql_database) or die(mysqli_error($con)); // mysqli_select_db(mysql_database, $verbinding) or die (mysqli_error($con)); // Controlleren op een login sessie $this->check_session(); // De loguit actie koppelen aan de end_session functie if(isset($_GET['actie']) && $_GET['actie'] == 'uitloggen' && $this->loginsessie === true) { $this->end_session(); } } // Init functie public function init() { // Controlleren op een POST request, wanneer er nog geen loginsessie is if($_SERVER['REQUEST_METHOD'] == 'POST') { /* was eerst if($_SERVER['REQUEST_METHOD'] == 'POST' && $this->loginsessie===false) {*/ if(isset($_POST['actie'])) { switch($_POST['actie']) { case 'login': $this->controleer_gegevens(); break; case 'registreer_gebruiker': $this->registreer_gebruiker(); break; } } } } // Functie om het ip adres op te vragen public function get_ip() { if (isSet($_SERVER)) { if (isSet($_SERVER["HTTP_X_FORWARDED_FOR"])) { $realip = $_SERVER["HTTP_X_FORWARDED_FOR"]; } elseif (isSet($_SERVER["HTTP_CLIENT_IP"])) { $realip = $_SERVER["HTTP_CLIENT_IP"]; } else { $realip = $_SERVER["REMOTE_ADDR"]; } } else { if ( getenv( 'HTTP_X_FORWARDED_FOR' ) ) { $realip = getenv( 'HTTP_X_FORWARDED_FOR' ); } elseif ( getenv( 'HTTP_CLIENT_IP' ) ) { $realip = getenv( 'HTTP_CLIENT_IP' ); } else { $realip = getenv( 'REMOTE_ADDR' ); } } return $realip; } private function registreer_gebruiker() { if(isset($_POST['actie']) && $_POST['actie'] == 'registreer_gebruiker') { $velden = array(); if(!is_array($this->database_velden) || !count($this->database_velden)) { die("FOUT: Geen velden opgegeven."); } // Alle velden uit de array doorlopen foreach($this->database_velden as $veld) { $veld = split(':', $veld); // Veldnaam $veld_naam = $veld[0]; $velden[$veld_naam] = $_POST[$veld_naam]; // Veld instellingen $veld_instellingen = split('\|', $veld[1]); foreach($veld_instellingen as $instelling) { if($instelling == 'verplicht' && empty($velden[$veld_naam])) { // Controlleer of het veld is ingevuld $this->fouten .= "- Het veld '". $veld_naam ."' is verplicht<br />"; } elseif($instelling == 'md5') { // Codeer naar md5 $velden[$veld_naam] = md5($velden[$veld_naam]); } elseif(substr($instelling, 0, 3) == 'min') { // Controlleer minimum stringlengte if(strlen($velden[$veld_naam]) < (int) substr($instelling, 4)) { $this->fouten .= "- Het veld '". $veld_naam ."' is te kort.<br />"; } } elseif(substr($instelling, 0, 3) == 'max') { // Controleer maximum stringlengte if(strlen($velden[$veld_naam]) > (int) substr($instelling, 4)) { $this->fouten .= "- Het veld '". $veld_naam ."' is te lang.<br />"; } } elseif(substr($instelling, 0, 2) == "==") { if($velden[$veld_naam] != $_POST[substr($instelling, 2)]) { $this->fouten .= '- De velden '. $veld_naam .' en '. substr($instelling, 2) .' komen niet overeen.<br />'; } } elseif($instelling == "avatar") { $velden[$veld_naam] = ('http://habmoon.org/status/habbie?habbie='.$_POST["gebruikersnaam"].'&direction=4&head_direction=3&action=wlk&gesture=sml&size=b'); } elseif($instelling == 'uniek') { $q = mysqli_query($this->con,"SELECT ". $veld_naam ." FROM gebruikers WHERE ". $veld_naam ." = '". mysqli_real_escape_string($this->con, $velden[$veld_naam]) ."' "); if(!$q) { $this->fouten .= '- Er is een MySQL fout opgetreden <br />'; } else { if(mysqli_num_rows($q)) { $this->fouten .= 'De inhoud van veld '. $veld_naam .' bestaat al<br />'; } } } elseif($instelling == 'email') { // Controleer email if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $velden[$veld_naam])) { $this->fouten .= "- Het email is incorrect.<br />"; } } } } if(!$this->fouten) { // SQL genereren $SQL = "INSERT INTO gebruikers "; $SQL_TMP = ""; foreach($velden as $key=>$value) { $SQL_TMP .= ", ". $key ." = '". mysqli_real_escape_string($this->con, $value) ."' "; } // Eerste komma weghalen $SQL .= "SET ".preg_replace("#^,{0,1}#", '', $SQL_TMP); if($SQL_TMP && mysqli_query($this->con,$SQL)) { header("Location: ../index.php"); } else { $this->fouten = "Er is een MySQL fout opgetreden."; /* om te debuggen gebruik: die(mysqli_error($con)); */ } } } } // Functie om gegevens te controleren private function controleer_gegevens() { // Kijken of we het juiste formulier gebruiken if(isset($_POST['actie']) && $_POST['actie'] == 'login') { // Gegevens van formulier opvragen en escapen tegen mysql injectie $gebruiker = mysqli_real_escape_string($this->con, $_POST['gebruikersnaam']); $wachtwoord = mysqli_real_escape_string($this->con, $_POST['wachtwoord']); // Kijken of we MD5 moeten gebruiken (zie configuratie bestand) if(login_password_md5===true) { $wachtwoord = md5($wachtwoord); } // Kijken of de gegevens correct zijn $query = mysqli_query($this->con,"SELECT * FROM gebruikers WHERE gebruikersnaam = '". $gebruiker ."' AND wachtwoord = '". $wachtwoord ."'"); if(mysqli_num_rows($query)) { // Array gebruikersinfo maken $this->gebruikersinfo = array(); $this->gebruikersinfo['info'] = mysqli_fetch_array($query); // Start sessie return $this->start_session(); } else { // Kijken wat er mis ging: if(mysqli_error($this->con)) { $this->fouten = "Er is een mysql fout opgetreden."; } else { $this->fouten = "Gebruiksnaam en/of wachtwoord is incorrect."; } } } } // Functie om de sessie te controlleren private function check_session() { // Controleren op cookie if($this->recheck>=3) { $this->fouten = "Er is een ongeldige cookie sleutel gevonden die niet kon worden verwijderd."; return false; } if(isset($_COOKIE['sid']) && !empty($_COOKIE['sid'])) { // Er is een niet-lege cookie $sid = mysqli_real_escape_string($this->con, $_COOKIE['sid']); // Controleren of sleutel en ip aanwezig zijn in database $query = mysqli_query($this->con,"SELECT * FROM logins WHERE sid = '". $sid ."' AND ip = '". $this->get_ip() ."'") or die("Er is een fout opgetreden."); if(mysqli_num_rows($query)) { $f = mysqli_fetch_array($query); // Gegevens uit database ophalen $query = mysqli_query($this->con,"SELECT * FROM gebruikers WHERE id = '". $f['uid'] ."' "); if(mysqli_num_rows($query)) { $this->loginsessie = true; $this->gebruikersinfo = array(); $this->gebruikersinfo['info'] = mysqli_fetch_array($query); } } } else { // Er is een ongeldige sleutel gevonden, laten we die eens verwijderen $secondes = login_session_time * 3600; setcookie("sid", "", time()-$secondes, "/"); $this->recheck = $this->recheck + 1; } } // De functie om de login sessie te starten private function start_session() { // Unieke sleutel maken $this->gebruikersinfo['sleutel'] = md5(rand(0,99999999999).date("dmyhis")); // Informatie invoegen in database $info = $this->gebruikersinfo['info']; $SQL = "INSERT INTO logins "; $SQL .= "SET uid = '". mysqli_real_escape_string($this->con, $info['id']) ."' "; $SQL .= ", sid = '". mysqli_real_escape_string($this->con, $this->gebruikersinfo['sleutel']) ."' "; $SQL .= ", ip = '". mysqli_real_escape_string($this->con, $this->get_ip()) ."' "; $SQL .= ", datum = NOW() "; mysqli_query($this->con,$SQL) or die("Error: kon niet inloggen."); // Secondes maken van uren, zie configuratie bestand $secondes = login_session_time * 3600; setcookie("sid", $this->gebruikersinfo['sleutel'], time()+$secondes, "/"); // Verversing header("Location: ".$_SERVER['REQUEST_URI']); } private function end_session() { // index.php?actie=uitloggen // Verwijder sessie mysqli_query($this->con,"DELETE FROM logins WHERE sid = '". $_COOKIE['sid'] ."' AND ip = '". $this->get_ip() ."'") or die("Er is een fout opgetreden."); // verwijder cookie $secondes = login_session_time * 3600; setcookie("sid", "", time()-$secondes, "/"); // Redirect $url = str_replace("actie=uitloggen", "", $_SERVER['REQUEST_URI']); // haal de actie weg header("Location: ".$url); } // Functie om gegevens op te vragen public function get_login_info($wat=false) { // Is er iets aanwezig? if(!$this->loginsessie || !count($this->gebruikersinfo)) { return false; } else { if($wat==='alles') { return $this->gebruikersinfo['info']; } elseif(isset($this->gebruikersinfo['info'][$wat])) { return $this->gebruikersinfo['info'][$wat]; } else { return true; } } } } // Class starten $login = new login(); $login->database_velden = array( /* Velden waarvan de value in de database komt. Plaats die in de database en formulier. Syntax: veldnaam:instellingen Instellingen scheiden met '|'. Instellingen: 'verplicht': [string] Verplicht veld. 'min=int': [int] Minimum aantal karakters dat is vereist. 'max=int': [int] Maximum aantal karakters dat is vereist. '==veldnaam': [string] waarde van dit veld moet overeenkomen met 'veldnaam'. 'md5': [string] Codeer met md5. MOET als laatste. */ 'gebruikersnaam:verplicht|uniek|min=3|max=15|', 'rank:max=15|', 'email:max=100|email|', 'avatar:max=100|avatar|', 'wachtwoord:verplicht|min=3|max=16|==wachtwoord2|md5|' /* was eerst 'wachtwoord:verplicht|min=3|max=16|==wachtwoord2'*/ ); $login->init(); ?> Error: Notice: Undefined property: login::$con in C:\xampp\htdocs\Admin\header.php on line 157Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, null given in C:\xampp\htdocs\Admin\header.php on line 157Notice: Undefined property: login::$con in C:\xampp\htdocs\Admin\header.php on line 158Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, null given in C:\xampp\htdocs\Admin\header.php on line 158Notice: Undefined property: login::$con in C:\xampp\htdocs\Admin\header.php on line 166Warning: mysqli_query() expects parameter 1 to be mysqli, null given in C:\xampp\htdocs\Admin\header.php on line 166Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, null given in C:\xampp\htdocs\Admin\header.php on line 167Notice: Undefined property: login::$con in C:\xampp\htdocs\Admin\header.php on line 176Warning: mysqli_error() expects parameter 1 to be mysqli, null given in C:\xampp\htdocs\Admin\header.php on line 176 Link to comment Share on other sites More sharing options...
niche Posted November 19, 2018 Share Posted November 19, 2018 (edited) I'd start with resolving the first error. Looks like there's a problem with your login to your server EDIT: start with config.php does it produce errors by itself? Edited November 19, 2018 by niche Link to comment Share on other sites More sharing options...
justsomeguy Posted November 19, 2018 Share Posted November 19, 2018 You're trying to use a property called $con in your class, but it doesn't have a property. Define the property and then set it in the constructor. You're only setting a local variable called $con, you need to use a property. Link to comment Share on other sites More sharing options...
terrordinky Posted November 21, 2018 Author Share Posted November 21, 2018 On 11/19/2018 at 5:46 PM, terrordinky said: $con = mysqli_connect(mysql_host, mysql_user, mysql_password, mysql_database) or die(mysqli_error($con)); On 11/19/2018 at 7:50 PM, justsomeguy said: You're trying to use a property called $con in your class, but it doesn't have a property. Define the property and then set it in the constructor. You're only setting a local variable called $con, you need to use a property. I tried this, so how should i do it instead? sorry for.my late reaction, i wasnt in town Link to comment Share on other sites More sharing options...
terrordinky Posted November 21, 2018 Author Share Posted November 21, 2018 On 11/19/2018 at 6:23 PM, niche said: I'd start with resolving the first error. Looks like there's a problem with your login to your server EDIT: start with config.php does it produce errors by itself? so far i see / know does config nit have an error. there is only the name of the site and that kinf of stuff. And the site makes connection with the servwr beacause first i got the error that he hadnt connection. but that was because i used the wronh user password. aigin sorry for my late reaction. Link to comment Share on other sites More sharing options...
niche Posted November 21, 2018 Share Posted November 21, 2018 (edited) JSG said it best. $con doesn't exist. Obviously, the site's not making the connection. For me, that was the whole point of learning how to code. How do I manage the use of frameworks and libraries, when I know I don't have the code skills that would've allowed me to do it myself. https://www.w3schools.com/php/php_mysql_connect.asp I'm not criticizing any one. Just talking for myself. IMHO, frameworks and libraries are the rewards for knowing how to code. EDIT: If needed, there are very good vids on youtube RE: PHP Objects Edited November 21, 2018 by niche Link to comment Share on other sites More sharing options...
justsomeguy Posted November 21, 2018 Share Posted November 21, 2018 I tried this, so how should i do it instead? Set $this->con. Declare it with the rest of the properties as private, public, or protected. Link to comment Share on other sites More sharing options...
terrordinky Posted November 22, 2018 Author Share Posted November 22, 2018 22 hours ago, justsomeguy said: Set $this->con. Declare it with the rest of the properties as private, public, or protected. Thank you so so much! This helped me allot! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now