Search
Left Quote    By failing to prepare, you are preparing to fail.
- Benjamin Franklin    
Right Quote
 
[login] | [Register]
Forum Index » PHP and mySQL » Viewing Topic and Replies
Post Reply


        Viewing Topic: protecting content with the login system...
  This user is offline  lingh0e
  Subject: "protecting content with the login s..." Posted: @ 7:52 pm on Mar 28 2007   

Member #: 291
Rank: User - (29)
Since: 03/03/07
Posts: 29
From: Ohio

So I've been away for a while, and in that time I seem to have forgotten most of the stuff I've learned.

Anyways, once I have implemented the user registration system: users can register and login, how do I use that information to allow registered users access to pages/directori es etc?

I know it's a simple question, but like I said... it's been a while.


Feel free to kick me if I get annoying
    Viewed: 18,824 Times | Reply to This | To top
  This user is offline  dogstar
  Subject: "re: protecting content with the log..." Posted: @ 8:37 pm on Mar 28 2007    

Member #: 306
Rank: User - (3)
Since: 03/25/07
Posts: 3
From: Fairless Pennsylvania

I'm attempting the same thing on Yahoo! using PHP and MySQL.
I have several questions also. In MySQL there are built in tables for user / db / tables etc... that allow certain capability. I haven't done anything with these.

I have created a database called member and added member and login tables.

I have the form made out with username and login ready.

I have some of the php made to send to fill out a registration form.

My underlying question is the same as yours. How do I protect the database and what directory do I keep the php files in. If I put the php files in a password protected database then I would have to give every member permission to use it so then it wouldn't work. The Yahoo! area is unrelated to the mysql permissions I guess.

I am considering having a bulk table that has all the information fields that they will fill out. And then have a separate table that is cleaned up with cleaned data that they cannot access directly.

There is also the matter of wanting to give permission to some members to be able to search the database etc...

Fun though...

dogstar




xsdogstar |     Viewed: 18,816 Times | Reply to This | To top
  This user is offline  lingh0e
  Subject: "re: protecting content with the log..." Posted: @ 10:03 pm on Mar 28 2007    

Member #: 291
Rank: User - (29)
Since: 03/03/07
Posts: 29
From: Ohio

Okay, I have figured out part of my problem.

In the header of my index is a login link. Logging in via this link will put a "welcome $username" ; in the header as well as a logout link. If you log in this way, everything is kosher.

If you are not logged in and you try to visit one of the members only pages you are redirected to the login page, the same one linked to from the header. If you login this way, the session starts as usual but the header still displays the older "login, register" links and does not reflect that the user is logged in.

How do I change this to allow the user to log in via the redirected link and then display the logged in username and logout link in the header?




Feel free to kick me if I get annoying

    Viewed: 18,809 Times | Reply to This | To top
  This user is offline  bs0d
  Subject: "re: protecting content with the log..." Posted: @ 10:57 pm on Mar 28 2007    

Member #: 1
Rank: Admin. - (1,505)
Since: 02/06/05
Posts: 600
From: USA

Make sure your "page header" code is consistent on every page you want to recognize a member... every page

Just to clarify, under the design of the "Complete Members System" article, to protect member only pages at the top of your script add the following code:

Code:


if($_SESSION[' logged_in'] == 0)
die("You must be a member or logged in to view this page.");< br />




-bs0d | AllSyntax.com

    Viewed: 18,805 Times | Reply to This | To top
  This user is offline  misterhaan
  Subject: "re: protecting content with the log..." Posted: @ 2:07 pm on Mar 29 2007    

Member #: 5
Rank: User - (213)
Since: 02/11/05
Posts: 148
From: chair

are you writing out the page header and then processing the login form? if so, the user isn't logged in yet when you write out the header...




please note that the above post is likely made up in its entirety.

    Viewed: 18,780 Times | Reply to This | To top
  This user is offline  lingh0e
  Subject: "re: protecting content with the log..." Posted: @ 4:26 pm on Mar 29 2007    

Member #: 291
Rank: User - (29)
Since: 03/03/07
Posts: 29
From: Ohio

Alright, spontaneous remission of symptoms.

Cleared some cookies and all works well.

Whodathunkit.




Feel free to kick me if I get annoying

    Viewed: 18,775 Times | Reply to This | To top
  This user is offline  duece
  Subject: "Complete Member System ??" Posted: @ 8:29 am on Jun 12 2007    
Member #: 341
Rank: User - (14)
Since: 06/12/07
Posts: 14

**Update**
Got it to work...
require_once($_ SERVER['DOCUME NT_ROOT'].'/d b_connect.php' ); //given code

require_once(.. /webroot/db_con nect.php'); //code modified for my root

I would recommend for the total noobes, inluding myself some sort of more consistent declaration of such required modifications.. .
unless I am missing something ?!
**end update**



I am running WAMP on localhost

you then said to use this..

require_once($_ SERVER['DOCUME NT_ROOT'].'/c onnect.php'); to connect to the server..

however, is _SERVER['DOCUM ENT_ROOT'] the actual value or do I need to put my own info in here...
I have finished the tut and tried the code... doesn't look like it is working to me... trying to figure out why...

Thanks for the clarification..
Duece



Edited at 07:09:29 am on 06/13/07


    Viewed: 18,260 Times | Reply to This | To top
  This user is offline  bs0d
  Subject: "re: protecting content with the log..." Posted: @ 12:19 pm on Jun 12 2007    

Member #: 1
Rank: Admin. - (1,505)
Since: 02/06/05
Posts: 600
From: USA

Duece,
the $_SERVER['DOCU MENT_ROOT'] variable displays the document root of your website, I believe sometimes called the absolute path or full path. An example may be something like: /user/home/bin/ yoursite/ - I don't know, but that is how you need to call the script. Place the code to connect to the database ina central file (db_connect.php ), and when you need to connect, just use require_once(); to include the connection code and it will connect (if given the proper parameters within the file).

Other than that, if you're experiencing any specific problems post the PHP error and the line of code that is causing the error and we can try and help you out the best we can. Thanks for reading the article.



Edited at 12:25:43 pm on 06/12/07


-bs0d | AllSyntax.com

    Viewed: 18,254 Times | Reply to This | To top
  This user is offline  duece
  Subject: "re: protecting content with the log..." Posted: @ 6:19 am on Jun 13 2007    
Member #: 341
Rank: User - (14)
Since: 06/12/07
Posts: 14

**update** fixed it... amazing what that little php will do after the <?

missed the one at <form name="sig nup" action="& lt;?$_SERVER[' PHP_SELF']; ?>" method="P OST">< br />

Well that is cool... I had tried about a dozen times to fix it, posted, then 15 more tries, after various tries at things...
Glad it is working..
very cool..
Now I just need to take the modules and put them all together into a quick demo/working site...

D



Edited at 07:46:33 am on 06/13/07


    Viewed: 18,238 Times | Reply to This | To top
  This user is offline  duece
  Subject: "re: protecting content with the log..." Posted: @ 3:25 am on Aug 06 2007    
Member #: 341
Rank: User - (14)
Since: 06/12/07
Posts: 14

  bs0d said...

< i> Make sure your "page header" code is consistent on every page you want to recognize a member... every page

Just to clarify, under the design of the "Complete Members System" article, to protect member only pages at the top of your script add the following code:
<BR><f ont size=1><u >Code:</u ><BR>& lt;div name="div _box" class="di vCode"> ;
if($_SESSION[' logged_in'] == 0)
die("You must be a member or logged in to view this page.";




This is what you posted... is this snipet of code supposed to go in the page_header.php file or at the top of the members pages themselves..
Thanks
D




    Viewed: 17,800 Times | Reply to This | To top
  This user is offline  bs0d
  Subject: "re: protecting content with the log..." Posted: @ 4:20 am on Aug 06 2007    

Member #: 1
Rank: Admin. - (1,505)
Since: 02/06/05
Posts: 600
From: USA

put that on your member only page, not in the page_header. If its in the page_header, every visitor (and members that didnt click 'remember me') that comes to the site will get the error because they dont have the opportunity to sign-in.




-bs0d | AllSyntax.com

    Viewed: 17,796 Times | Reply to This | To top
Viewing Page: 1 of 1


1 |

You must be logged in to post on the forums. Login or Register








"AllSyntax.com" Copyright © 2002-2018; All rights lefted, all lefts righted.
Privacy Policy  |  Internet Rank