Re: [PHP] making FORM dissapear when successful login
Will,
Thanks so much for all the time and effort you have put into making my
code better. I dont have time right now to really test all of this out,
but when i do, if i have any questions about your modified code, i will
be sure to ask you.
Again thanks!
Jason
Will Merrell wrote:
On Tuesday, January 04, 2005 9:05 PM, JHollis wrote:
I had this code working the way i wanted it to (as far as
correct username and password allowing successful login)
...but what i want to happen now is when a user
successfully logs it it will make the login
form disappear and just say successfully logged in or
welcome user and a link below it so they can log off and
make the form re-appear.
[and then he included some sample code]
I am working on something similar, so I was intrigued at your question. I
took the liberty of looking at your code and rewritting it somewhat. Here
are my thoughts and my version.
First, as someone else noted, it is best to do the login/logout logic at the
top of the code because a lot of things in PHP require that they be done
before any output is sent. So I find it is best to resolve all of that
before I send any HTML.
Second, I don't like to rely on side effects and data outside my control to
determine my code logic. I perfer to figure out what I need and then set a
variable of my own to use to steer my logic. So in this case I want to
determine if I have a valid user and then set a variable to hold the state
of the user. Then I can use that variable to steer my logic later in the
code.
Below is my version of your code. I have added session management so a user
can stay logged on over multiple pages. This is demonstrated by the Reload
button in the Content section.
!-- Snippet --- --
?php
// cleanup_text() protects against malicious users
// using POST values to insert dangerous code into
// your sql calls. All user supplied data should
// be filtered before being trusted.
function cleanup_text ($value)
{
return htmlspecialchars(strip_tags($value));
}
// logout closes a logged in user session. It is
// in a function because it is called in several
// places
function logout()
{
global $user;
global $userid;
unset($user);
$userid = 0;
session_destroy();
}
$userid = 0;// contains the sql record id of
// the logged in user. It can be
// used to test if a user is
// logged in. This assumes that
// no valid record has an id of 0.
// Database connection code:
// Asumptions:
//1) Using MySQL
//2) user login info is contained in a table
// called 'users'
//3) 'users' contains a unique identifier field
// called 'id' and it is numeric
//4) 'users' contains a unique field
// called 'username' and it is string type
// (that is, each user has only one record
// per'username' entry)
//5) 'users' contains a string field called
// 'password'
//6) the 'password' field contains the password
// data encoded in md5 form. This is for added
// security.
$db_username=root;
$db_password=;
$db=teamtrack;
$server=localhost;
$connect = mysql_connect($server,$db_username,$db_password);
if (!$connect)
{
die (Error: could not connect to databasebr /\n);
}
$select = mysql_select_db($db,$connect);
if (!$select)
{
die (Error: could not select database $dbbr /\n);
}
session_start(); // Start the session.
// Check to see if we are already logged in from some previous session.
if( isset($_SESSION['userid']) $_SESSION['userid'] 0 )
{
// Check to see if we are logging out.
if ( isset($_POST['login']) $_POST['login'] == Log Out )
{
logout();
}
else
{
// if we were previously logged in and we are not
// logging out then set up the user's data
$userid = $_SESSION['userid'];
$sql = select * from users where id=$userid;
$result = mysql_query($sql);
$user = mysql_fetch_object($result);
if (isset($user-id))
{
// The specified user was found in the database
$userid = $user-id;
$_SESSION['userid'] = $userid;
}
else
{
// The specified user was NOT found in the database
logout();
}
}
}
else
{
// We were NOT previously logged in, so check if this is a
// login request
if ( isset($_POST['login']) $_POST['login'] == Login )
{
$sql = select * from users where username=' .
cleanup_text ($_POST['username']) . ' and password=md5(' .
cleanup_text ($_POST['password']) . ');
$result = mysql_query($sql);
$user = mysql_fetch_object($result);
if (isset($user-id))
{
// The specified user was found in the database
$userid = $user-id;
$_SESSION['userid'] = $userid;
}
else
[PHP] Re: Multiple POP accounts on Webmail Front
James Nunnerley wrote: Hi All, Bit of a side question, but it's still php related. Does anyone know of a Webmail client, preferably open-source, that is able to support single login, to allow users to collect and use multiple POP3 or IMAP accounts? I'm currently using Ilohamail, and have used Squirrel in the past, but neither, I don't, think support multiple POP3 accounts on one login. Any ideas? Cheers James Check this out! http://openwebmail.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Problem with MySQL
Try running mysqld without the -opt. Check out this site www.apachefriends.org it has a great all in one package that can be installed on Windows and Linux. If you install it on Windows it has the option to setup mysql and apache to run as services. This XAMPP package is a no brainer!! Hope this helps. Andrew Maxwell wrote: Hello, Im fairly new to PHP and I am running an Apache web server on my computer, set up as localhost, and i recently installed MySQL 4.1 . I am having trouble making a DB and a table in the DB. when i try to create it from a command prompt it tells me this: C:\mysql\binmysqld-opt C:\mysql\binmysqladmin create userDB mysqladmin: connect to server at 'localhost; failed error: 'Can't connect to MySQL server on 'localhost' (10061)' Check that mysqld is running on localhost and that the port is 3306. You can check this by doing 'telnet localhost 3306' and when I try to connect using Telnet it gives me this error Microsoft Telnet open localhost 3306 Connecting to localhost...Could not open connection to the host, on port 3306: Connection failed And when i run services.msc it shows that mysql is running, so i dont know what the problem is. Anyone have any ideas? ~Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: making FORM dissapear when successful login
Thank you for your suggestion, but do you care to be more descriptive,
maybe some examples would be nice. Can you tell my why the code i have
doesnt work? I would love to use sessions, but i was just trying to get
an understanding of how the basics work first.
Jonathan wrote:
I think you should use session control after checking for login.
JHollis [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I had this code working the way i wanted it to (as far as correct
username and password allowing successful login)...but what i want to
happen now is when a user successfully logs it it will make the login
form disappear and just say successfully logged in or welcome user and a
link below it so they can log off and make the form re-appear. Below is
the code that i have where i tried to get it to disappear on successful
login, but it stays disappeared all the time. Can someone please point
out what im doing wrong. I have tried everything i can think of...and
nothing works. Im a PHP newbie...so im sure some of you might get a
laugh out of this...if it is real easy.
---snippet
!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Strict//EN
http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd;
html
head
link href=style.css rel=stylesheet type=text/css /
/head
body
div id=container
div id=top
h1header/h1
/div
div id=leftnav
p
?php
$username=$_POST['username'];
$password=$_POST['password'];
$db=user;
$server=localhost;
$db_username=root;
$db_password=***;
$connect = mysql_connect($server,$db_username,$db_password);
if (!$connect) {
die (could not connect to database);
}
$select = mysql_select_db($db,$connect);
if (!$select) {
die (could not select database $db);
}
/*username='$username';*/
$sql = SELECT * FROM passwords, user_info where id=PID and
username='$username';
$result = mysql_query($sql);
/*$num_rows = mysql_num_rows($result);*/
while ($user = mysql_fetch_array($result))
{
$id = $user['id'];
$username2 = $user['username'];
$password2 = $user['password'];
$firstname = $user['firstname'];
$email = $user['email_address'];
IF ($username==$username2 $password==$password2)
{
echo(\Welcome, b$firstname/b\);?br?
echo (\Your email address is b$emailb\);?/tdtr
a href=?$_SERVER['PHP_SELF']??username=?password=Logoff/a?
break;
}
else
{
?
FORM action=?$_SERVER['PHP_SELF']? method=post
INPUT type=hidden name=id
table
tdb*/bUsername:/td tdINPUT class=input size=8
type=text name=username value=?echo $username?/tdtr
tdb*/bPassword:/td tdINPUT class=input size=8
type=password name=password/tdtr
td class=xsmallb* Case Sensitive/b/td
tdINPUT type=submit value=Login/tdtr
tdnbsp /td
/table
/FORM
?
break;
}
}
//IF ($username != $username2 || $password != $password2) {//
?br
?
if ($username == $password == ) {
echo (Please type in a Username and Password);}
if ($username != $password == ) {
echo (Please type in a password);}
if ($username == $password != ) {
echo (Please type in a username and password);}
?
/p
/div
?if (($username2==$username $password2==$password)
($username2!= || $password2!=)){?
div id=rightnav class=box
p
/p
/div
?}?
div id=content
h2Subheading/h2
p
/p
p
/p
/div
div id=footer
p
Today is
?php
echo( date(F dS Y.));
?
/p
/div
/div
/body
/html
snippet
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: making FORM dissapear when successful login
Where do i need to start my session? Ive copied and pasted exactly what
you have typed..and the form doesnt display unless i hard code the
variable to NO.
Jerry Kita wrote:
I do exactly the same thing on my website. I use PHP's Session handling
to determine if a user is actually logged on.
You can see that I check a variable called $validlogon which I set to
either YES or NO at the beginning of the script
?php
if ($validlogon == NO) {
print p class=\hnavbar\Salkehatchie Members Login Here:br\n;
print form action=\Salkehatchie_LoginScript.php\ method=\POST\\n;
print p class=\login\smallUSER ID:/smallbr\n;
print input type=\text\ name=\userid\brbr\n;
print smallPASSWORD:/smallbr\n;
print input type=\password\ name=\password\brbr\n;
print input type=\submit\ value=\Enter\/p\n;
print /form\n;
}
?
Near the beginning of my script I check for the existence of a valid
session
?php
if (isset($_SESSION[userid])) {
$validlogon = YES;
} else {
$validlogon = NO;
}
?
Setting the $validlogon variable allows me to do a number of useful
things. For example, there are certain parts of the webpage that I
reveal to logged in users. Checking $validlogon allows me to decide
dynamically what to render to the browser. In the following I display
a message showing the user as being logged in and give them a link that
logs them out.
if ($validlogon == YES) {
print table style=\width: 100%\;\n;
print tbody\n;
print tr\n;
print td width=\50%\p class=\login\smallbYOU ARE LOGGED
IN AS: $_SESSION[userid]/b/small/p/td\n;
print td width=\50%\p class=\login\smallbCLICK a
href=\LogoutScript.php\ here/a TO LOGOUT/b/small/p/td\n;
print /tr\n;
print /table\n;
}
Hope this is helpful
Jerry Kita
JHollis wrote:
I had this code working the way i wanted it to (as far as correct
username and password allowing successful login)...but what i want to
happen now is when a user successfully logs it it will make the login
form disappear and just say successfully logged in or welcome user and
a link below it so they can log off and make the form re-appear.
Below is the code that i have where i tried to get it to disappear on
successful login, but it stays disappeared all the time. Can someone
please point out what im doing wrong. I have tried everything i can
think of...and nothing works. Im a PHP newbie...so im sure some of
you might get a laugh out of this...if it is real easy.
---snippet
!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Strict//EN
http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd;
html
head
link href=style.css rel=stylesheet type=text/css /
/head
body
div id=container
div id=top
h1header/h1
/div
div id=leftnav
p
?php
$username=$_POST['username'];
$password=$_POST['password'];
$db=user;
$server=localhost;
$db_username=root;
$db_password=***;
$connect = mysql_connect($server,$db_username,$db_password);
if (!$connect) {
die (could not connect to database);
}
$select = mysql_select_db($db,$connect);
if (!$select) {
die (could not select database $db);
}
/*username='$username';*/
$sql = SELECT * FROM passwords, user_info where id=PID and
username='$username';
$result = mysql_query($sql);
/*$num_rows = mysql_num_rows($result);*/
while ($user = mysql_fetch_array($result))
{
$id = $user['id'];
$username2 = $user['username'];
$password2 = $user['password'];
$firstname = $user['firstname'];
$email = $user['email_address'];
IF ($username==$username2 $password==$password2)
{
echo(\Welcome, b$firstname/b\);?br?
echo (\Your email address is b$emailb\);?/tdtr
a
href=?$_SERVER['PHP_SELF']??username=?password=Logoff/a?
break;
}
else
{
?
FORM action=?$_SERVER['PHP_SELF']? method=post
INPUT type=hidden name=id
table
tdb*/bUsername:/td tdINPUT class=input
size=8 type=text name=username value=?echo $username?/tdtr
tdb*/bPassword:/td tdINPUT class=input
size=8 type=password name=password/tdtr
td class=xsmallb* Case Sensitive/b/td
tdINPUT type=submit value=Login/tdtr
tdnbsp /td
/table
/FORM
?
break;
}
} //IF ($username != $username2 || $password !=
$password2) {//
?br
?
if ($username == $password == ) {
echo (Please type in a Username and Password);}
if ($username != $password == ) {
echo (Please type in a password);}
if ($username == $password != ) {
echo (Please type in a username and password);}
?
/p
/div
?if (($username2==$username $password2==$password
[PHP] Re: making FORM dissapear when successful login
nevermind...i figured it out. I will read up on sessions and test some
things with what you posted and if i have anymore questions, i will post
them. Thanks Jerry.
If anyone else has any other suggestions, please feel free to share them
with me.
JHollis wrote:
Where do i need to start my session? Ive copied and pasted exactly what
you have typed..and the form doesnt display unless i hard code the
variable to NO.
Jerry Kita wrote:
I do exactly the same thing on my website. I use PHP's Session
handling to determine if a user is actually logged on.
You can see that I check a variable called $validlogon which I set to
either YES or NO at the beginning of the script
?php
if ($validlogon == NO) {
print p class=\hnavbar\Salkehatchie Members Login Here:br\n;
print form action=\Salkehatchie_LoginScript.php\ method=\POST\\n;
print p class=\login\smallUSER ID:/smallbr\n;
print input type=\text\ name=\userid\brbr\n;
print smallPASSWORD:/smallbr\n;
print input type=\password\ name=\password\brbr\n;
print input type=\submit\ value=\Enter\/p\n;
print /form\n;
}
?
Near the beginning of my script I check for the existence of a valid
session
?php
if (isset($_SESSION[userid])) {
$validlogon = YES;
} else {
$validlogon = NO;
}
?
Setting the $validlogon variable allows me to do a number of useful
things. For example, there are certain parts of the webpage that I
reveal to logged in users. Checking $validlogon allows me to decide
dynamically what to render to the browser. In the following I display
a message showing the user as being logged in and give them a link that
logs them out.
if ($validlogon == YES) {
print table style=\width: 100%\;\n;
print tbody\n;
print tr\n;
print td width=\50%\p class=\login\smallbYOU ARE
LOGGED IN AS: $_SESSION[userid]/b/small/p/td\n;
print td width=\50%\p class=\login\smallbCLICK a
href=\LogoutScript.php\ here/a TO LOGOUT/b/small/p/td\n;
print /tr\n;
print /table\n;
}
Hope this is helpful
Jerry Kita
JHollis wrote:
I had this code working the way i wanted it to (as far as correct
username and password allowing successful login)...but what i want to
happen now is when a user successfully logs it it will make the login
form disappear and just say successfully logged in or welcome user
and a link below it so they can log off and make the form re-appear.
Below is the code that i have where i tried to get it to disappear on
successful login, but it stays disappeared all the time. Can someone
please point out what im doing wrong. I have tried everything i can
think of...and nothing works. Im a PHP newbie...so im sure some of
you might get a laugh out of this...if it is real easy.
---snippet
!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Strict//EN
http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd;
html
head
link href=style.css rel=stylesheet type=text/css /
/head
body
div id=container
div id=top
h1header/h1
/div
div id=leftnav
p
?php
$username=$_POST['username'];
$password=$_POST['password'];
$db=user;
$server=localhost;
$db_username=root;
$db_password=***;
$connect = mysql_connect($server,$db_username,$db_password);
if (!$connect) {
die (could not connect to database);
}
$select = mysql_select_db($db,$connect);
if (!$select) {
die (could not select database $db);
}
/*username='$username';*/
$sql = SELECT * FROM passwords, user_info where id=PID and
username='$username';
$result = mysql_query($sql);
/*$num_rows = mysql_num_rows($result);*/
while ($user = mysql_fetch_array($result))
{
$id = $user['id'];
$username2 = $user['username'];
$password2 = $user['password'];
$firstname = $user['firstname'];
$email = $user['email_address'];
IF ($username==$username2
$password==$password2)
{
echo(\Welcome, b$firstname/b\);?br?
echo (\Your email address is b$emailb\);?/tdtr
a
href=?$_SERVER['PHP_SELF']??username=?password=Logoff/a?
break;
}
else
{
?
FORM action=?$_SERVER['PHP_SELF']? method=post
INPUT type=hidden name=id
table
tdb*/bUsername:/td tdINPUT class=input
size=8 type=text name=username value=?echo
$username?/tdtr
tdb*/bPassword:/td tdINPUT class=input
size=8 type=password name=password/tdtr
td class=xsmallb* Case Sensitive/b/td
tdINPUT type=submit value=Login/tdtr
tdnbsp /td
/table
/FORM
?
break;
}
} //IF ($username != $username2 || $password !=
$password2) {//
?br
?
if ($username == $password == ) {
echo (Please type in a Username and Password);}
if ($username
[PHP] making FORM dissapear when successful login
I had this code working the way i wanted it to (as far as correct
username and password allowing successful login)...but what i want to
happen now is when a user successfully logs it it will make the login
form disappear and just say successfully logged in or welcome user and a
link below it so they can log off and make the form re-appear. Below is
the code that i have where i tried to get it to disappear on successful
login, but it stays disappeared all the time. Can someone please point
out what im doing wrong. I have tried everything i can think of...and
nothing works. Im a PHP newbie...so im sure some of you might get a
laugh out of this...if it is real easy.
---snippet
!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Strict//EN
http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd;
html
head
link href=style.css rel=stylesheet type=text/css /
/head
body
div id=container
div id=top
h1header/h1
/div
div id=leftnav
p
?php
$username=$_POST['username'];
$password=$_POST['password'];
$db=user;
$server=localhost;
$db_username=root;
$db_password=***;
$connect = mysql_connect($server,$db_username,$db_password);
if (!$connect) {
die (could not connect to database);
}
$select = mysql_select_db($db,$connect);
if (!$select) {
die (could not select database $db);
}
/*username='$username';*/
$sql = SELECT * FROM passwords, user_info where id=PID and
username='$username';
$result = mysql_query($sql);
/*$num_rows = mysql_num_rows($result);*/
while ($user = mysql_fetch_array($result))
{
$id = $user['id'];
$username2 = $user['username'];
$password2 = $user['password'];
$firstname = $user['firstname'];
$email = $user['email_address'];
IF ($username==$username2 $password==$password2)
{
echo(\Welcome, b$firstname/b\);?br?
echo (\Your email address is b$emailb\);?/tdtr
a href=?$_SERVER['PHP_SELF']??username=?password=Logoff/a?
break;
}
else
{
?
FORM action=?$_SERVER['PHP_SELF']? method=post
INPUT type=hidden name=id
table
tdb*/bUsername:/td tdINPUT class=input size=8
type=text name=username value=?echo $username?/tdtr
tdb*/bPassword:/td tdINPUT class=input size=8
type=password name=password/tdtr
td class=xsmallb* Case Sensitive/b/td
tdINPUT type=submit value=Login/tdtr
tdnbsp /td
/table
/FORM
?
break;
}
}
//IF ($username != $username2 || $password != $password2) {//
?br
?
if ($username == $password == ) {
echo (Please type in a Username and Password);}
if ($username != $password == ) {
echo (Please type in a password);}
if ($username == $password != ) {
echo (Please type in a username and password);}
?
/p
/div
?if (($username2==$username $password2==$password)
($username2!= || $password2!=)){?
div id=rightnav class=box
p
/p
/div
?}?
div id=content
h2Subheading/h2
p
/p
p
/p
/div
div id=footer
p
Today is
?php
echo( date(F dS Y.));
?
/p
/div
/div
/body
/html
snippet
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
