abit of php help

[Alex]

do we have a php help centre?

if(!$_POST['username'] | !$_POST['pass']| !$_POST['email']) {
die('You did not fill in a required field.');
}

right, here is some code. now i dont like the die statement and i want to change it to load up the page before and show above the login box that you didnt fill in....
the login page is php and this page is obvs php. any help?

 

[JustPie]

You didn't supply enough info. My guess is you could do something like this.

if(!$_POST['username'] | !$_POST['pass']| !$_POST['email']) {
  'echo you left a feild empty'
  'display form here'
} else {
  do stuff.
}

 

[Alex]

what more information do you need?

how can i add html or can i use that echo to somehow display php/html?

EDIT: never mind, thanks +rep your help lead me to fine my way
heres what i did

$go_to_address1="m_index.php";
$go_to_address=rawurldecode($go_to_address1);

echo "<iframe SRC=\"".$go_to_address."\" width=\"100%\" height=\"1200\" 
framespacing=0 frameborder=no border=0 scrolling=auto></iframe>";

EDIT2: on closer inspection this isnt going to work, this is a members page and i need it to load up the page directly, not through an iframe. heres the current code.

<?php
// Connects to your Database
mysql_connect("localhost", "user", "pword") or die(mysql_error());
mysql_select_db("pword") or die(mysql_error());

//checks cookies to make sure they are logged in
if(isset($_COOKIE['ID_my_site']))
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{

//if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password'])
{ header("Location: login.php");
}

//otherwise they are shown the admin area
else
{
$go_to_address1="m_index.php";
$go_to_address=rawurldecode($go_to_address1);

echo "<iframe SRC=\"".$go_to_address."\" width=\"100%\" height=\"100%\" 
framespacing=0 frameborder=no border=0 scrolling=auto></iframe>";




}
}
}
else

//if the cookie does not exist, they are taken to the login screen
{
header("Location: login.php");
}
?>

that page above is members.php and where the iframe is is where the m_index needs to go. m_index is a php page, how would i do that?

EDIT3: never mind, i just add the page code at the end.

now what do i need to do to get the "username" a specific page. so if i login in, it will come up with a page unique to me saying how many points i have ect.?

 

[JustPie]

Redirect to a user page and use sessions to store user data.

 

[Alex]

Redirect to a user page and use sessions to store user data.

figured that out, lol

i hate being a newbie to PHP next problem is, i use this to show the username on the page

Thanks for logging in <?php echo $username['username']; ?>...

but the problm is it only shows the first letter of the user name

 

[JustPie]

like i said before, use pastebin.com to upload your code if you want help. This isn't enough information for anyone to help you out.

 

[Alex]

that is the whole code for the page at hand....

 

[Jake]

If you want a good, in-depth tutorial this is the one that I learned php from and still go back to occasionally.
http://devzone.zend.com/article/627-PHP-101-PHP-For-the-Absolute-Beginner
(I don't know if you're allowed off site links here, remove it if you're not)

 

[Alex]

If you want a good, in-depth tutorial this is the one that I learned php from and still go back to occasionally.
http://devzone.zend.com/article/627-PHP-101-PHP-For-the-Absolute-Beginner
(I don't know if you're allowed off site links here, remove it if you're not)

thanks

 

[JustPie]

that is the whole code for the page at hand....

Yes, but their is a page redirecting to this page.

 

[Alex]

Oooo heres login.php then

<?php
// Connects to your Database
mysql_connect("localhost", "dbasename", "password") or die(mysql_error());
mysql_select_db("instantt_login") or die(mysql_error());

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: members.php");

}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);

//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{

// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);

//then redirect them to the members area
header("Location: members.php");
}
}
}
else
{

// if they are not logged in
?>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>title ofcourse</title>
<link rel="stylesheet" type="text/css" href="style.css" media="screen" />
</head>
<body>

<div id="wrapper">

<div id="header">
	<div id="logo">
		<h1><a href="index.php">homepage</a></h1>
	</div>
	<!-- end #logo -->
<div id="menu">
		<ul>
			<li class="active"><a href="index.php">Home</a></li>
			<li><a href="register.php">Register</a></li>
			<li><a href="login.php">Login</a></li>
		</ul>
	</div>
	<!-- end #menu -->
</div>
<!-- end #header -->
<div id="page">
	<div id="content">
		<div style="margin-bottom: 10px;"></div>
		<div class="post"><p>
        <h1 class="title">Login</h1><div class="entry">
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><strong></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>

	  </div>
			<div class="meta"></div>
	</div>
  </div>
	<!-- end #content -->
	<div id="sidebar">
		<div id="sidebar-bgtop"></div>
		<div id="sidebar-content">
			<div id="sidebar-bgbtm">
			<ul>
				<li id="search">
					<h2>Links</h2>
					<form method="get" action="">
						<fieldset>
						</fieldset>
					</form>
					<ul>
					  <li></li>
				  </ul>
			    </li>
				<li>
				  <ul>
				    <li></li>
						<li></li>
				  </ul>
				</li>
			</ul>
		</div>
		</div>
	</div>
	<!-- end #sidebar -->
	<div style="clear:both; margin:0;"></div>
</div>
<!-- end #page -->
<div id="footer">
  <p>&copy; 2008. All Rights Reserved.</p>
</div>
<?php
}

?>

 

[Chathurga]

There's a lot of SQL injection points in that script, your username cookie isn't secure.

 

[JustPie]

The way you are storing your cookies is unsafe. If anyone was to get into your cookie folder all they would have to do is copy and paste and beable to have full access to your site.

 

[Alex]

i guess i should learn alot more php before continuing to a make login script...

 

[JustPie]

haha,

Don't get discouraged. Took me months of practice to have the level of understanding that i have, and i still run into stuff i haven't seen before. Just read up on php before you go into any major site designs :-D

 

[Alex]

Thanks for all of you guys help