Bytes IT Community

How can I create client account pages for customers' files to be uploaded

I would like to create a page for my clients to log in and check for updates on their accounts. Then I would like to create a page where my employees can log in and make updates, specifically new file uploads, to the clients' accounts. I have seen similar sites everywhere, such as bank websites, the USPS site, et cetera. What is required to accomplish this? I'm trying to do this with PHP, MySQL and Adobe CS3 Master Collection's 'Dreamweaver CS3'.

I thought it would be as easy as setting up a database with a table containing 'Id, username, password, customer-name, text, files', then setting up a server behavior of 'login user' where 'username, password' are the authenticating fields, and then setting up dynamic text fields where the 'customer-name' is the heading, followed by HTML text 'Account Files', then where 'text' is the body of the client's information, then where 'files' is the customer's links to their updated files. Does this sound correct or possible, and what are the steps I need to take?

Here is my accounts page where the user is redirected after login with username and password. Also, I have set up a logout link that is supposed to redirect the user after the click; however, it is not doing that.



```php
<?php require_once('Connections/connex.php'); ?>
<?php
//initialize the session
session_start();

// ** Logout the current user. **
$logoutAction = $HTTP_SERVER_VARS['PHP_SELF']."?doLogout=true";
if ((isset($HTTP_SERVER_VARS['QUERY_STRING'])) && ($HTTP_SERVER_VARS['QUERY_STRING'] != "")){
  $logoutAction .="&". $HTTP_SERVER_VARS['QUERY_STRING'];
}

if ((isset($HTTP_GET_VARS['doLogout'])) &&($HTTP_GET_VARS['doLogout']=="true")){
  //to fully log out a visitor we need to clear the session variables
  session_unregister('MM_Username');
  session_unregister('MM_UserGroup');

  $logoutGoTo = "adminlogin.php";
  if ($logoutGoTo) {
    header("Location: $logoutGoTo");
    exit;
  }
}
?>
<?php
if (!isset($_SESSION)) {
  session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
  // For security, start by assuming the visitor is NOT authorized.
  $isValid = False;

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
  // Therefore, we know that a user is NOT logged in if that Session variable is blank.
  if (!empty($UserName)) {
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
    // Parse the strings into arrays.
    $arrUsers = Explode(",", $strUsers);
    $arrGroups = Explode(",", $strGroups);
    if (in_array($UserName, $arrUsers)) {
      $isValid = true;
    }
    // Or, you may restrict access to only certain users based on their username.
    if (in_array($UserGroup, $arrGroups)) {
      $isValid = true;
    }
    if (($strUsers == "") && true) {
      $isValid = true;
    }
  }
  return $isValid;
}

$MM_restrictGoTo = "adminlogin.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
  $MM_qsChar = "?";
  $MM_referrer = $_SERVER['PHP_SELF'];
  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
  $MM_referrer .= "?" . $QUERY_STRING;
  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  header("Location: ". $MM_restrictGoTo);
  exit;
}
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$colname_username = "-1";
if (isset($_SESSION['MM_Username'])) {
  $colname_username = $_SESSION['MM_Username'];
}
mysql_select_db($database_connex, $connex);
$query_username = sprintf("SELECT * FROM customerup WHERE username = %s", GetSQLValueString($colname_username, "text"));
$username = mysql_query($query_username, $connex) or die(mysql_error());
$row_username = mysql_fetch_assoc($username);
$totalRows_username = mysql_num_rows($username);
$colname_Recordset1 = "-1";
if (isset($_SESSION['pkid'])) {
  $colname_Recordset1 = $_SESSION['pkid'];
}
mysql_select_db($database_connex, $connex);
$query_Recordset1 = sprintf("SELECT * FROM files WHERE pkid = %s", GetSQLValueString($colname_Recordset1, "int"));
$Recordset1 = mysql_query($query_Recordset1, $connex) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);


?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<div id="container">
  <img src="images/ALM.gif" name="top" width="780" height="65" id="top" />
  <div id="nav">
    <ul>
      <li><a href="/index.html">Home</a></li>
      <li><a href="/about_us.html">About Us</a></li>
      <li><a href="/delivery_services.html">Services</a></li>
      <li><a href="/on_line_order.html">Place Order</a></li>
      <li><a href="adminlogin.php">Tracking/Reports</a></li>
      <li><a href="/contact_us.html">Contact Us</a></li>
      <li><a href="/links.html">Links</a></li>
    </ul>
  </div>
  <div align="center" id="log-in">

    <div align="right">
<table width="228" border="0" cellpadding="0" id="logtable">
          <tr>
            <td height="68" colspan="2" bordercolor="#FFFFFF" id="form2"><span class="style12">
              <label></label>
                          </span>
              <span class="style12"></span>
              <label> </label>
              <div align="center">
                <p><span class="style13">Logged In</span><br />
                  <a href="<?php echo $logoutAction ?>" class="style12">Log out</a></p>
            </div></td>
          </tr>
      </table>
    </div>
  </div>
  <div id="body">

    <h2 align="right"><span class="style2">TRACKING &amp; REPORTS<br />
      <br />
    </span></h2>
    <?php if ($totalRows_username > 0) { // Show if recordset not empty ?>
      <?php } // Show if recordset not empty ?>
<div id="customername">
        <div align="center">
          <h3><?php echo $row_username['menu_name']; ?></h3>
        </div>
    </div>



    <h3 align="center"><br />
    <span class="style13"><em>CUSTOMER ACCOUNT FILES</em></span></h3>

    <?php if ($totalRows_Recordset1 > 0) { // Show if recordset not empty ?>
      <div id="files"><?php echo $row_Recordset1['clientid']; ?></div>
      <?php } // Show if recordset not empty ?>
<p align="center">&nbsp;</p>
  </div>

  <div id="footer"><div id="nav">

    <ul>
      <li><a href="/index.html">Home</a></li>
      <li><a href="/about_us.html">About Us</a></li>
      <li><a href="/delivery_services.html">Services</a></li>
      <li><a href="/on_line_order.html">Place Order</a></li>
      <li><a href="adminlogin.php">Tracking/Reports</a></li>
      <li><a href="/contact_us.html">Contact Us</a></li>
      <li><a href="/links.html">Links</a></li>
    </ul>
  </div>
    <!--end of the footer div -->
  </div>
  <h4 align="center"><em><span class="style1">A-LINE MESSENGER SERVICE </span></em><span class="style3">- 2 - DELIVER - 4 - YOU</span><em>!</em></h4>
</div>
<!--this is the close of the container div--></body>
<?php
mysql_free_result($username);

mysql_free_result($Recordset1);
?>
```
Jul 16 '08 #1
2 Replies


dlite922
Welcome to Bytes,

Looking at this, you need major help; more help than we can give you in a forum like this. By the looks of your variables all starting with $MM_, you're using Dreamweaver-built code; it's not hand-written?

Look here: first, get up to date with PHP5; we don't use HTTP_VARS anymore.

Second, take some tutorials and design test applications and look into code modularity. Code modularity is taking the problem/requirement and dividing it into specific functions.

See: MVC.

Generally here's how your pages should be laid out.

You have a xxx.php file, this is what gets called in the browser.

This file will include a general file such as config.inc that contains site_wide global variables. (database login etc)

This page takes the role of the conductor of an extra. It tells it what to do based on it.

Create another class (yes, learn about OOP early) called the controller, such as loginController.php, which contains the functions (the actions) you need for the login.php file. If you're using a database, it helps to create a database class that handles all your querying, inserting, and other actions for the controller class, like a middleman.

After you are done with the logic and want to display something, put your content into variables and include() an HTML file.

The HTML file should NOT contain any logic except simple echo print commands and if statements and for loops.

It's also best to use a templating system like Smarty. (I assume you'll Google all terms here that you don't understand.)

When you come back with a more specific question, like why something isn't working, we can help you. But we cannot rewrite the entire script for you.

Remember: Learning without thought is labor lost.



Dan
Jul 17 '08 #2
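
An added example, not part of the original thread or of Dreamweaver's generated code, of the layout the reply above describes: an entry script that hands logout and the file query to a controller, using $_GET and $_SESSION in place of the $HTTP_*_VARS arrays and session_unregister(), which were removed in PHP 5.4. The AccountController class, the customer column and the in-memory SQLite rows are assumptions made so it runs offline; files, pkid and clientid are the names from the posted page.

```php
<?php
// Added example (not the poster's code). AccountController, the customer
// column and the SQLite sample rows are assumptions for illustration.
class AccountController
{
    private $db;
    public function __construct(PDO $db)
    {
        $this->db = $db;
    }

    // Clear the session data, expire the cookie, then destroy the session.
    public function logout()
    {
        $_SESSION = array();
        if (ini_get('session.use_cookies') && !headers_sent()) {
            $p = session_get_cookie_params();
            setcookie(session_name(), '', time() - 3600, $p['path'], $p['domain'], $p['secure'], $p['httponly']);
        }
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_destroy();
        }
        return 'adminlogin.php'; // fixed target, never read from the request
    }

    // Return only the logged-in user's rows; the value is bound, not concatenated.
    public function filesFor($username)
    {
        $stmt = $this->db->prepare('SELECT pkid, clientid FROM files WHERE customer = ?');
        $stmt->execute(array($username));
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    }
}

// Entry script (the "xxx.php" of the reply), with constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE files (pkid INTEGER PRIMARY KEY, customer TEXT, clientid TEXT)");
$db->exec("INSERT INTO files (customer, clientid) VALUES ('alice', 'july.pdf'), ('bob', 'inv-12.pdf')");
session_start();
$_SESSION['MM_Username'] = 'alice'; // constructed: the login page would set this
$controller = new AccountController($db);
if (isset($_GET['doLogout']) && $_GET['doLogout'] === 'true') {
    header('Location: ' . $controller->logout());
    exit;
}
foreach ($controller->filesFor($_SESSION['MM_Username']) as $row) {
    echo htmlspecialchars($row['clientid'], ENT_QUOTES, 'UTF-8'), "\n";
}
```

Run from the command line it prints only the constructed user's file name; the query is scoped by the session's username, and the output is HTML-escaped before it is echoed.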

I understand. I love to learn, so when someone points me in the correct direction of where to find the information I need, that is great. I'm taking as many suggestions right now as possible. Thank you for your response.
Jul 17 '08 #3
