[PHP-DB] Getting info from Cookie
Hi! How can you extract a certain form of info from a Cookie? Im my case the cookie name is crispy. It has been stored with a session id and a charnick. How do I extract the charnick and use it in the page as $charnick or similar? Best Regards Cato Larsen -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] Getting info from Cookie
Thanks! But how do you extract a certain point of info from it? The info is seperated by + (without the 's) I used: ?php echo $HTTP_COOKIE_VARS[TestCookie]; ? And I got Cato+bec39d1ca1091da20b4a8ef5ecacfde8 Where bec39d1ca1091da20b4a8ef5ecacfde8 is the session id for the MySQL database, and Cato is what I want to extract. Cato -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] Member authentication with PHP and MySQL
Hi!
I'm trying to authenticate members by using php and MySQL.
This is what I've come to so far:
?php
$auth = false; // Assume user is not authenticated
if (isset( $email ) isset($password)) {
// Connect to MySQL
mysql_connect( 'localhost', 'Xephiroth', 'lordoftherings' )
or die ( 'Unable to connect to server.' );
// Select database on MySQL server
mysql_select_db( 'members' )
or die ( 'Unable to select database.' );
// Formulate the query
$sql = SELECT * FROM memberinfo WHERE
email = '$email' AND
password = '$password';
// Execute the query and put results in $result
$result = mysql_query( $sql )
or die ( 'Unable to execute query.' );
// Get number of rows in $result.
$num = mysql_numrows( $result );
if ( $num != 0 ) {
// A matching row was found - the user is authenticated.
$auth = true;
}
}
if ( ! $auth ) {
header( 'WWW-Authenticate: Basic realm=Members only' );
header( 'HTTP/1.0 401 Unauthorized' );
echo 'Authorization Required to enter the member area';
exit;
} else {
echo '
-SITE CONTENT-
'; } ?
How do I make the authentication to go to site:
members.php?charnick=$charnick
Where $charnick is brung from the DB line who was authenticated?
So that Peter won't end up at John 's membersite?
Thanks for your time and expertese!
Best regards Cato
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] Member authentication with PHP and MySQL
Thanks a mill Sheridan! This was accually what I was looking for, but gave up since the other tutorials and script examples where too complicated for me to grasp. One question to the code on the site: Is it possible to insert info to be grabbed on other sites? Like email password name So you can grab like name, instead of having to querity the DB all the time you need the name of the person and so on? And if yes, how do you get it from the cookie and insert it into the page like $name ? Best regards Cato Larsen -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] Member authentication with PHP and MySQL
One more thing...
When I've set up the script and run it on my local server I get this error:
Sheridan Saint-Michel [EMAIL PROTECTED] wrote in message
00df01c12400$ad2a1220$[EMAIL PROTECTED]">news:00df01c12400$ad2a1220$[EMAIL PROTECTED]...
I would use either cookies or sessions for this.
First Check for the cookie, and verify its contents.
If there isn't a cookie then do the login prompt like you
are doing now.
Here's some pseudocode to give you a quick idea of what I mean
if (isset($cookie)
{
if (CheckCookie())
{
SiteContent();
} else {
Kill Cookie
GiveLoginPrompt();
}
} elseif (isset($login) {
if (CheckLogin())
SetCookie();
} else {
GiveLoginPrompt
}
On all the other pages on the site you just have a header check the
cookie and redirect to the login page if it doesn't check out
ie:
if (!isset($cookie))
{
header(Location: http://www.yourdomain.com/login.php;);
exit;
}
if (!CheckCookie())
{
header(Location: http://www.yourdomain.com/login.php;);
exit;
}
If you want to use sessions just replace cookie with session =P
Here is an example script I wrote a while back if you want to
see more than metacode
http://www.zend.com/codex.php?id=393single=1
And here is the header for other files on the site using the above script
http://www.zend.com/codex.php?id=397single=1
Let me know if this helps
Sheridan Saint-Michel
Website Administrator
FoxJet, an ITW Company
www.foxjet.com
- Original Message -
From: Cato Larsen [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, August 12, 2001 6:47 PM
Subject: [PHP-DB] Member authentication with PHP and MySQL
Hi!
I'm trying to authenticate members by using php and MySQL.
This is what I've come to so far:
?php
$auth = false; // Assume user is not authenticated
if (isset( $email ) isset($password)) {
// Connect to MySQL
mysql_connect( 'localhost', 'Xephiroth', 'lordoftherings' )
or die ( 'Unable to connect to server.' );
// Select database on MySQL server
mysql_select_db( 'members' )
or die ( 'Unable to select database.' );
// Formulate the query
$sql = SELECT * FROM memberinfo WHERE
email = '$email' AND
password = '$password';
// Execute the query and put results in $result
$result = mysql_query( $sql )
or die ( 'Unable to execute query.' );
// Get number of rows in $result.
$num = mysql_numrows( $result );
if ( $num != 0 ) {
// A matching row was found - the user is authenticated.
$auth = true;
}
}
if ( ! $auth ) {
header( 'WWW-Authenticate: Basic realm=Members only' );
header( 'HTTP/1.0 401 Unauthorized' );
echo 'Authorization Required to enter the member area';
exit;
} else {
echo '
-SITE CONTENT-
'; } ?
How do I make the authentication to go to site:
members.php?charnick=$charnick
Where $charnick is brung from the DB line who was authenticated?
So that Peter won't end up at John 's membersite?
Thanks for your time and expertese!
Best regards Cato
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] Member authentication with PHP and MySQL
Arg...
I get this error:
Unable to update database. Please contact [EMAIL PROTECTED]
Am I missing something in my DB?
Fields in DB:
id, email, password, name, loc, aim, icq, msn, yahoo, charname ,charsname,
charnick, tit, lvl, picurl, born, appearance, charac, streng, bio, breed,
prof, posn.
This is the current source:
?php
//Put in your own info for username, password, DB, email@address,
Cookiename,
//the name of this page (currently login.php) and the name of your subscribe
//or new user page (currently new.php). I went ahead and included all the
HTML
//so this page should work as is, with only the changes described above
needed
// - Lysander ([EMAIL PROTECTED])
$dblink = mysql_pconnect(localhost,Xephiroth,lordoftherings);
mysql_select_db(members);
$headers=0; //Make Sure HTML Headers are in place before the form
//after Authenticating the script automatically sends the browser to
//the webpage of your choice (note if your page calls this
//script with ?redirect=foobar.php it will automatically
//redirect to foobar.php after authenticating. Set the default
//redirect page here
if ( !isset($redirect))
{
$redirect = default.php;
}
if (isset($email) isset($password)) {
$query = select * from memberinfo where email = \$email\ and password =
\$password\;
if ( !($dbq = mysql_query($query, $dblink))) {
echo Unable to query database. Please Contact a
href=\mailto:[EMAIL PROTECTED]\;[EMAIL PROTECTED]/a.\n;
exit;
}
$lim = mysql_num_rows( $dbq );
if ($lim != 1) {
$headers=1; //HTML headers in place
echo html;
echo head;
echo titleMember logon/title;
echo meta http-equiv=\Content-Type\ content=\text/html;
charset=iso-8859-1\;
echo /head;
echo body bgcolor=\#00\ text=\#FF\ leftmargin=\0\
topmargin=\0\ marginwidth=\0\ marginheight=\0\
background=\../images/back.gif\ bgproperties=\fixed\ link=\#CC\
vlink=\#CC\ alink=\#CC\;
echo BInvalid E-Mail adress and/or Password. Please Try again/BBR;
}
if ($lim == 1) {
//make unique session id and store it in Database
$timer = md5(time());
$sid = $email . + . $timer;
SetCookie(ElectrocutedClanRemains,$sid,time()+2592000); //Set Cookie for
30 days
$query = update members set sid=\$timer\ where email=\$email\;
if( !($dbq = mysql_query( $query, $dblink))) {
echo Unable to update database. Please contact a
href=\[EMAIL PROTECTED]\[EMAIL PROTECTED]/a.\n;
exit;
}
$headers=1;
header(Location: $redirect);
exit;
}
}
if (isset($ElectrocutedClanRemains)) {
$headers=1; //make sure HTML headers are in place before the form
$sidarray = explode(+, $ElectrocutedClanRemains);
$query = select * from memberinfo where email = \$sidarray[0]\ and sid
= \$sidarray[1]\;
if ( !($dbq = mysql_query($query, $dblink))) {
echo Unable to find database. Please Contact a
href=\mailto:[EMAIL PROTECTED]\;[EMAIL PROTECTED]/a.\n;
exit;
}
if (mysql_num_rows( $dbq ) == 1) {
echo html;
echo head;
echo titleMember logon/title;
echo meta http-equiv=\Content-Type\ content=\text/html;
charset=iso-8859-1\;
echo /head;
echo body bgcolor=\#00\ text=\#FF\ leftmargin=\0\
topmargin=\0\ marginwidth=\0\ marginheight=\0\
background=\../images/back.gif\ bgproperties=\fixed\ link=\#CC\
vlink=\#CC\ alink=\#CC\;
echo You are already logged in as $sidarray[0].BR;
echo You may logon as another user or simply begin using our services with
your current session.BR;
}
}
if ($headers == 0) {
echo html;
echo head;
echo titleMember logon/title;
echo meta http-equiv=\Content-Type\ content=\text/html;
charset=iso-8859-1\;
echo /head;
echo body bgcolor=\#00\ text=\#FF\ leftmargin=\0\
topmargin=\0\ marginwidth=\0\ marginheight=\0\
background=\../images/back.gif\ bgproperties=\fixed\ link=\#CC\
vlink=\#CC\ alink=\#CC\;
}
echo table width=\846\ border=\0\ cellspacing=\0\
cellpadding=\0\;
echo tr;
echo td width=\80\ height=\30\nbsp;/td;
echo td height=\30\nbsp;/td;
echo /tr;
echo tr;
echo td width=\80\nbsp;/td;
echo td;
echo table width=\766\ border=\0\ cellpadding=\0\
cellspacing=\0\;
echo tr;
echo td colspan=\3\;
echo div align=\center\;
echo table width=\766\ border=\0\ cellspacing=\0\ cellpadding=\0\
background=\../images/middletop.gif\;
echo tr ;
echo td width=\8\img src=\../images/left.gif\ width=\8\
height=\29\/td;
echo td background=\../images/middletop.gif\ align=\left\
valign=\middle\font color=\#33\bfont size=\4\Member Logon
/font/b/fontfont size=\4\ face=\Times New Roman, Times, serif\
color=\#33\;
echo b /b/font/td;
echo td width=\9\;
echo div align=\right\img src=\../images/right.gif\ width=\8\
height=\29\/div;
echo /td;
echo /tr;
echo /table;
echo /div;
echo /td;
echo /tr;
echo tr;
echo td width=\3\ background=\../images/framev.gif\img
src=\../images/framev.gif\ width=\3\ height=\100%\/td;
echo td bgcolor=\#33\ width=\760\ align=\center\
valign=\middle\;
echo form name=\auth\ method=\post\ action=\vault.php\;
echo table width=\100%\
[PHP-DB] Re: PHP4, MySQL, errors....
Hey!
Thanks for the help Mr. Bothwell.
But now it seems I get a new error:
Parse error: parse error in C:\Program Files\Apache
Group\Apache\htdocs/oiamemb/members.php on line 89
I don't know why, or if it's the MySQL database who's moching with me.
The current source is as follows: (Guess I've screwed it up worse than
ever...)
Thanks to all the people who have helped me. This is my first try at PHP,
and MySQL for that matter so I realy apreciate it!
Best regards Cato
Code start
?
$usr = Xephiroth;
$pwd = lordoftherings;
$db = members;
$host = localhost;
# connect to database
$cid = mysql_connect($host,$usr,$pwd);
if (!$cid) {
echo Error: .mysql_error();
exit;
}
?
html
head
titleProfiles/title
meta http-equiv=Content-Type content=text/html; charset=iso-8859-1
/head
body bgcolor=#00 text=#FF leftmargin=0 topmargin=0
marginwidth=0 marginheight=0 background=../images/back.gif
bgproperties=fixed
?
$str = PHP is not running!;
echo substr($str, 0, 7) . substr($str, 11);
?
?
$prof = Nano-Technician; # setup SQL statement
$SQL = SELECT * FROM memberinfo ;
$retid = mysql_db_query($db, $SQL, $cid); # check for errors
if (!$retid) { echo( mysql_error()); } else { # display results
while ($row = mysql_fetch_array($retid)) {
$email = $row[email];
$loc = $row[loc];
$aim = $row[aim];
$icq = $row[icq];
$msn = $row[msn];
$yahoo = $row[yahoo];
$charname = $row[charname];
$charsname = $row[charsname];
$charnick = $row[charnick];
$tit = $row[tit];
$lvl = $row[lvl];
$picurl = $row[picurl];
$born = $row[born];
$apperiance = $row[apperiance];
$charac = $row[charac];
$streng = $row[streng];
$bio = $row[bio];
$breed = $row[breed];
$prof = $row[prof];
$posn = $row[posn];
$contents = row(cell(, 150) . cell(, 200) . cell(, 200));
while ($row = mysql_fetch_array($retid))
$contents .= row(
cell(img src='{$row[picurl]}')
.cell(
bold(
{$row[tit]} {$row[charname]}
.quot;{$row[charnick]}quot;
.{$row[charsname]}
).br
.bold(Contact: ).$row[email].br
.bold(Level: ).$row[lvl].br
.bold(Breed: ).$row[breed].br
.bold(Profession: ).$prof.br
.bold(Location: ).$row[loc].br
.bold(AIM: ).$row[aim].br
.bold(ICQ: ).$row[icq].br
.bold(MSN: ).$row[msn].br
.bold(Yahoo!: ).$row[yahoo].br
)
.cell(
br
.bold(Born: ).$row[born].br
.bold(Appearance: ).$row[appearance].br
.bold(Position: ).$row[posn].br
.bold(Characteristics: ).$row[charac].br
.bold(Strengths/weaknesses: ).$row[streng].br
.bold(Bio: ).$row[bio].br
)
);
echo table($contents);
)
?
/body
/html
-- Code end
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] PHP4, MySQL, errors....
table width=100% border=0 cellspacing=0 cellpadding=0 tr tdbBorn:/b $born/td /tr tr tdbAppearance:/b $apperiance/td /tr tr td height=18bPosition:/b $posn/td /tr tr tdbDistinguishing characteristics:/b $charac/td /tr tr tdbStrengths and weaknesses:/b $streng/td /tr tr tdbBio:/b $bio/td /tr /table /td /tr tr td colspan=3 height=2img src=../images/profdot.gif width=100% height=2/td /tr /table /td /tr /table /td /tr /table \n); } ? /body /html --- Code end Any ideas? Best regards Cato Larsen -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
