I have a wrong idea on how to code...Welcome, mankolele

The welcome message itself has nothing to do with cookies or sessions. It is only displayed after you logged in and merely mirrors the name (userid) you have entered yourself. When you want to use that userid in more places during a session, you can store it in a cookie or session.

So: after you entered your userid and password, these values are POSTed to a script that goes something like:[php]
$user = $_POST['user'];
$psw = $_POST['psw''];
//
// verify validity of userid and password
//
// if valid:
echo "Welcome $user";
//
// else:
echo "You entered an invalid userid and/or password";
exit;[/php]
Ronald :cool:

The welcome message itself has nothing to do with cookies or sessions. It is only displayed after you logged in and merely mirrors the name (userid) you have entered yourself. When you want to use that userid in more places during a session, you can store it in a cookie or session.

So: after you entered your userid and password, these values are POSTed to a script that goes something like:[php]
$user = $_POST['user'];
$psw = $_POST['psw''];
//
// verify validity of userid and password
//
// if valid:
echo "Welcome $user";
//
// else:
echo "You entered an invalid userid and/or password";
exit;[/php]
Ronald :cool:

Thanks for the quick reply, but I am still lost I have a LOG-IN page when the user is logged-in they get to their page that is where they will be welcomed. or maybe its me who leaves something out.The Welcome still comes out alone without the name.

Only way to resolve this is that you post the code here. Within code or php tags PLEASE.

Ronald :cool:

the login

[PHP]

$connection = mysql_connect("localhost", "root", "issasql");
$select_db = mysql_select_db("schools", $connection);
$connection = mysql_connect("localhost", "root", "issasql");
$select_db = mysql_select_db("schools", $connection);
$query = mysql_query ("SELECT username,password,id FROM passdb where id ='".$_SESSION["id"]."'", $connection);

if(isset($_COOKIE['ID_my_site'])){


$name = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT password,username,id FROM passdb WHERE id = '".$_POST['username']."'")or die(mysql_error());
//$check = mysql_query("SELECT cust_username,cust_pswrd FROM customer WHERE cust_username = '$cust_username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
} else {
header("Location: admin_home.html");
//header("Location: welcome.php");
}
}
}

if (isset($_POST['submit'])) {
if(!$_POST['username'] || !$_POST['password']) {
//die('You did not fill in a required field.<a href=index.html>back</a>');
header("Location: loginFail2.html");
//die('href=loginFail.html');
}

//if (!get_magic_quotes_gpc()) {
// $_POST['email'] = ($_POST['email']);
// $_POST['email'] = addslashes($_POST['email']);
//}

$check = mysql_query("SELECT password,username, status FROM passdb WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
header("Location: loginFail3.html");
//die('That user does not exist in our database. <a href=index.html>Click Here to Register</a>');
} else {

while(list( $password,$username, $status) = mysql_fetch_array( $check ))
{
$_POST['password'] =($_POST['password']);
$password = ($password);
$_POST['password'] = ($_POST['password']);

if ($_POST['password']!= $password) {
header("Location: loginFail.html");
//die('Incorrect password, please try again.<a href=index.html>Click Here </a>');
} else {

if ($status == 'T'){

$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
//header("Location: viewProduct.html");
header("Location: attendance_t.php");

} else if ($status == 'L') {


$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
//header("Location: search_user.php");
//header("Location: viewSupp.php");
header("Location: ViewLearnerInfo.php");

}
else if ($status == 'A') {


$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
header("Location: reg.html");

}
}
}
//}
}}


[/PHP]

The page to where the learner goes to

[PHP]

$server = 'localhost';
$username = 'root';
$password = 'issasql';
$database = 'schools';

// (1) Connect to the MySQL server
$connection = @ mysql_connect($server, $username, $password)OR die("Error ".mysql_errno()." : ".mysql_error());
// (2) Select the database
$select_db = mysql_select_db($database, $connection) OR die("Error ".mysql_errno()." : ".mysql_error());

$sql = mysql_query("select * from passdb where id = '".$_SESSION["id"]."'") or die(mysql_error()) ;


[/PHP]

[HTML]<html>
<head>
<title>Student front page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="file:///D|/Faxregister/docroot/styles" rel="stylesheet" type="text/css">
</head>

<body>
<form action="" method="post" name="Form">
<table width="100%" border="0">
<tr>
<td><img src="faxBanner.png" width="968" height="115"></td>
</tr>
</table>
<table width="100%" border="1" align="right" bordercolor="#FF9900" bgcolor="#999999">
<tr>
<th width="18%" bordercolor="#FFFFCC" bgcolor="#FF9900"><div align="center"><strong>Student
Home</strong></div></th>
<td width="82%" bordercolor="#FFFF00"><div align="center">
<table width="808" border="1" align="center" bordercolor="#000000">
<tr>
<td width=100%> <div align="center"></div>
<div align="center"><a href="attend_report_initial.html">Attendance
Report</a> | <a href="viewAssignment.html">Assignment</a> | Books
| Class Test Schedule | Exam Schedule | Fees | <a href="publicH.html">Holidays</a>
| <a href="viewHomework_initial.html">Home Work</a> | Report |
<a href="viewTimetable.html">TimeTable </a></div></td>
</tr>
</table> </td>
</tr>
</table>
<br></br>
<br>
<hr align="center" color="#000000">
[PHP]
$username = $_POST['username'];
$password = $_POST['password'];


echo "Welcome ".$username;
//if(isset($_COOKIE['lastVisit']))
//$visit = $_COOKIE['lastVisit'];
//else
// echo "You've got some stale cookies!";

//echo "Your last visit was - ". $visit;
[/PHP] <p align="center"><strong><em>Notice Board</em></strong></p>
<div align="center">
<table width="47%" height="260" border="4" bordercolor="#FF9900">
<tr>
<td bordercolor="#FF9900" bgcolor="#FFFFFF"><div align="center">

</div>
</td>
</tr>
</table>
<br></br>
</div>

</form>
<!--
<SCRIPT LANGUAGE='JavaScript'>
<!--

var default1 = "Online School Management System : MANAGE SCHOOL ACTIVITIES"; // only shown once at page load
var text1 = "Online School Management System : LEARNER MANAGEMENT";
var text2 = "Online School Management System : CLASS MANAGEMENT";
var text3 = "Online School Management System : TEACHER MANAGEMENT";
var changeRate = 2000; // 1000 = 1 second
var messageNumber = 0;

function changeStatus() {
if (messageNumber == 0) {
document.title=default1;

}
else if (messageNumber == 1) {
document.title=text1;
}
else if (messageNumber == 2) {
document.title=text2;
}
else if (messageNumber == 3) {
document.title=text3;
messageNumber = 0;
}

messageNumber++;
setTimeout("changeStatus();",changeRate);

}

changeStatus(); // leave here to run right away

// -->
</SCRIPT>
<script language="JavaScript" type ="text/javascript">

function alertViewSelected(){

if(document.Form.select.value == ""){
alert("Please select a Criteria for searching");
document.Form.select.focus();
return false;
}

if(document.Form.textfield.value == ""){
alert("Please enter the Subject you wish to search");
document.Form.text.focus();
return false;
}
}

</script>
</body>
</html>[/HTML]

I have no idea how you pass the userid around. Certainly NOT via the $_POST array. And I cannot see in your code where you POST the userid.

I can see that you do but that way (the GET method) the $_POST array is NOT PASSED to something.php, because there is no POST array.

Ronald :cool:

I have no idea how you pass the userid around. Certainly NOT via the $_POST array. And I cannot see in your code where you POST the userid.

I can see that you do

Expand|Select|Wrap|Line Numbers

1. $_POST['userid'] = stripslashes($_POST['userid']);
2. header('Location: something.php');

but that way (the GET method) the $_POST array is NOT PASSED to something.php, because there is no POST array.

Ronald :cool:

Thanks for the reply, still I dont get what I have to do I changed to passing the id but still works the same.

Thanks for the reply, still I dont get what I have to do I changed to passing the id but still works the same.

Ok this may sound dump to some people but I really dont get how to do it please help.

Hi there.

This code is much to complex for what you are trying to do, it looks like it was made by 5 ppl trying to do the same thing each in their own way :)

I see you use $_Post to send the user information, but you try to verify them using $_Cookie. And somwhere in the middle of this you try to use $_Session to retriev a userid I cant see that you set anywhere.

I for one try to avoid $_Cookie as much as I can... its just.. messy :)

I would do this something like this.

[PHP]
if(isset($_POST['loginsubmit']))
{
$DB = @mysql_connect("host", "user", "pass") or die("Die!!");
@mysql_select_db("dbofDOOM", $DB);

$QUERY = "SELECT UserID FROM table WHERE UserName = ' {$_POST['UserName']}' AND Password = sha('{$_POST['Password']}')";
$RESULT = @mysql_query($QUERY);

if(!!$RESULT)
{
if(mysql_num_rows($RESULT) != 0)
{
echo "Welcome ". $_POST['UserName'];

$row = @mysql_fetch_assoc($RESULT);
$_SESSION['UserID'] = $row['UserID'];
}
else
{
echo "User info wrong!!";
}
}
else
{
echo "The page you are viewing is broken. Please go yell at the administrator.";
}
}
else
{
echo "<form action\"\" method=\"post\">
User: <input type=\"text\" name=\"UserName\" />
<br>Pass: <input type=\"password\" name=\"Password\" />
<br><input type=\"submit\" name=\"loginsubmit\" />
</form>";
}[/PHP]

And now you have your the user id in the $_Session array so you can call it anywhere you like.

Hope this helps :)

Hi there.

This code is much to complex for what you are trying to do, it looks like it was made by 5 ppl trying to do the same thing each in their own way :)

I see you use $_Post to send the user information, but you try to verify them using $_Cookie. And somwhere in the middle of this you try to use $_Session to retriev a userid I cant see that you set anywhere.

I for one try to avoid $_Cookie as much as I can... its just.. messy :)

I would do this something like this.

[PHP]
if(isset($_POST['loginsubmit']))
{
$DB = @mysql_connect("host", "user", "pass") or die("Die!!");
@mysql_select_db("dbofDOOM", $DB);

$QUERY = "SELECT UserID FROM table WHERE UserName = ' {$_POST['UserName']}' AND Password = sha('{$_POST['Password']}')";
$RESULT = @mysql_query($QUERY);

if(!!$RESULT)
{
if(mysql_num_rows($RESULT) != 0)
{
echo "Welcome ". $_POST['UserName'];

$row = @mysql_fetch_assoc($RESULT);
$_SESSION['UserID'] = $row['UserID'];
}
else
{
echo "User info wrong!!";
}
}
else
{
echo "The page you are viewing is broken. Please go yell at the administrator.";
}
}
else
{
echo "<form action\"\" method=\"post\">
User: <input type=\"text\" name=\"UserName\" />
<br>Pass: <input type=\"password\" name=\"Password\" />
<br><input type=\"submit\" name=\"loginsubmit\" />
</form>";
}[/PHP]

And now you have your the user id in the $_Session array so you can call it anywhere you like.

Hope this helps :)

Thanks for the reply but I only get to the page is broken cant get through. I admit I am new to PHP and trying not to make it obvious. What amm I missing here?

Thanx

The database info is most likely wrong, I'd bet you forgot to change the table name in the $QUERY

I already tested the code and it works fine if the info is right ;)

The database info is most likely wrong, I'd bet you forgot to change the table name in the $QUERY

I already tested the code and it works fine if the info is right ;)

That was the first thing I changed, the id is auoto_increment is my primary key where the username ,password and the rest follows..... this is making me feel really stupid coz its been 4days working on it and it is a small thing I know, but what?

We know the script works... so it is the mysql data that is wrong.
So we need the page to print the database error when it accures.

Add this where the "Page is broken" is printed
[PHP]echo "<br>". $QUERY;
echo "<br>". mysql_error();
[/PHP]

Now when you run the script, if the query fails you should be able to see they query and the error returned by mysql.

O and I just noticed.. In the query I sha() encoded the password... it migth be the problem. Try removing it

We know the script works... so it is the mysql data that is wrong.
So we need the page to print the database error when it accures.

Add this where the "Page is broken" is printed
[PHP]echo "<br>". $QUERY;
echo "<br>". mysql_error();
[/PHP]

Now when you run the script, if the query fails you should be able to see they query and the error returned by mysql.

O and I just noticed.. In the query I sha() encoded the password... it migth be the problem. Try removing it

Thanks it works I removed more than just the sha().Thanks for the patience again.

Oh no! the login page pops up twice, from the original one it goes to the right page with another login form, when removing the second one it does not display the welcome note , I think I dont have the right logic, I know I dont any idea how to fix that?

Thankx