Article Discussion: Building a Members Area with PHP: Part 3/6

If you have any questions or comments on this article then please post them here.

This forum post relates to this article

where should i place this code?



and what if i have a login form on every page of the site? how can i make it change when a user already has logged in?

a million thanks to any answers!

place that anywhere you want, just call the session class on every page, and it will keep you logged in on every page

im sorry for my ignorance but i still didnt get what you mean. what session class are u talking about and how do i use that?

another question i have is what if i want to redirect them to a certain members area page once they logged in successfully, how do i do that?

and how do i use thuis snippet?



i would really appreciate any response! ,thanks!

what i did was place a login form on every page so that anytime they want to login, wherever they are in the site, they could do so
this means that once they've logged-in, the login part will then change to a welcome user dialog.

here are some of the errors ive encountered:

Fatal error: Call to a member function on a non-object...

Warning: Cannot send session cache limiter...

could anybody please enlighten me!... thanks

Have you read parts 1 and 2 of this article??

if you dont know what im talking about when I say the security class, i think you need to read the articles again. There is a whole article devoted to the security class.

Damn Damn Damn!?!
Administrators why didn't you give us full code of this articles (member area)? If you give us it full we will understand you!!!
And you will be easier to you.

If you looked at parts 1,2 & 4, they include support material, which is the code i wrote and tested for the article.

the support material is on the last page of each article.

Also please dont spam on multiple posts

Ben, first off I want to say that your articles are very helpful as well as the majority of the articles on the site, however I wanted to bring up something. Look at this more as constructive criticism please.

A lot of people want to learn to program because it can be fun and be a nice source of income and that's where sites like devArticles come in handy.
The problem I am having with this site is with some of your replies. You keep telling us that its an intermediate level and if we aren't at that level then to get out of here because we aren't allowed to even try and attempt the article. I can understand how frustrating it can be trying to help someone who doesn't understand the language, but you could make life a lot easier if either of the following are done:

a) the support files contain EVERY single file with proper code mentioned in the article and have been tested to work with no code modifications

b) the articles are colour coded better to determine when code should be added to a page and when you're just reiterating it to explain the code.

Anyhow this code just produces an error for me:

<html><head><title>please login</title></head>
<body>


<?
include("class.security.php");

?>


<?
if($dtlsSecurity->IsLoggedIn())
{
?>

Menu Items here<br>

<?php
}
else
{
?>

<form method="post" action="login.php">
username: <input type="text" name="username"><br>
password: <input type="password" name="password"><br>
<input type="submit" value="login">
</form>

<?php
}
?>

</body>
</html>



And there is no support material for Part 1 or 3

Ok, the reason why i said you need to have an intermediate level of PHP knowledge is because of the complexity issue of the class, the code, and to put it straight, it is a INTERMEDIATE article. Im not stopping begginners from using the article, its good to see people having a challange.

I love programming, and because of this site im now a professional PHP programmer. If people want to learn, im more then happy to, im also more then happy to help people with problems.

now the reason why im a bit anoyed is because i took my own time to write the article for intermediate programmers. then to recive email after email from 'intermediate' programmers who are actually still begginers, tell me that it doesnt work, and give me an ear full, when in actual fact its there own inability understand and use PHP.

I just find it really anoying when people tell me i have made a mistake, without looking at there own problems first.



Now i admit there is a spelling mistake in one of the articles, however the source code comes from my own site that im developing, so i know for a fact that it works, as i have been testing the class for over 15hrs.

All the files are included in the support material used.

There is no support for article 3, as there is no need, as i didnt modify any files, and the support material for #2 is the same as #1


the article format is not controlled by me, its controled by our editor, mytch.

With regards to your problem, you need to call the functions that set up the class first. You can find these in part #2. its the same code for the index.php file

some files r missing in the support material, the 1st time i downloaded this article i had all the files in 1 rar file, now i only have 3

In an includefile (a menu...) I carry following code which doesn't work.:
QUOTE==
<?php
if($IsLoggedIn)
{
?>
<td>BLABLA</td>
<?php
}
else
{
?>
<td>BLEBLE</td>
<?php
}
?>
UNQUOTE==

In the file where the include is part I have in top of file following, which I think was as I understood meant to be:
QUOTE==
<?php
ini_set ("include_path",'includes');
include('javascripts.php');
include('class.security.php');
include('header.php');
include('menu.php');

$dtlsSecurity = new Security;

$dtlsSecurity->ExtraFieldNames('firstname,lastname');
$dtlsSecurity->StoreSession_TableName('session');
$dtlsSecurity->Log_TableName('log');
$dtlsSecurity->FieldNames('sessionid', 'userid', 'username', 'auth');

$IsLoggedIn = $dtlsSecurity->IsLoggedIn();
$details = $dtlsSecurity->GetData();


if(!$dtlsSecurity->IsLoggedIn() && !is_numeric(strpos($_SERVER["PHP_SELF"], "login.php")))
{
if($_COOKIE['mem'] != '')
{
header("location: login.php?strMethod=checklogin");
}
}
?>

Any clues why still not working???? Thanks,
Martin

what happens when you echo out the following?

$dtlsSecurity->IsLoggedIn()


does it print anything?

just a "0"

All info is in my database though!
Martin

that means your not logged in, have you tried logging in?

definitely! BTW, Appreciate your help.
(As mentioned my login details definitely into database!)
Here's my login page:
QUOTE++
<?php
ob_start();
ini_set ("include_path",'includes');
include('javascripts.php');
include('class.security.php');
include('header.php');
include('menu.php');

$dtlsSecurity = new Security;

$dtlsSecurity->ExtraFieldNames('firstname,lastname');
$dtlsSecurity->StoreSession_TableName('session');
$dtlsSecurity->Log_TableName('log');
$dtlsSecurity->FieldNames('sessionid', 'userid', 'username', 'auth');

$struName = $_POST["struName"];
$strPass = $_POST["strPass"];
$strMethod = $_POST["strMethod"];
echo $IsLoggedIn;
if($strMethod == "")
$strMethod = $_GET["strMethod"];


if(!$dtlsSecurity->IsLoggedIn())
{
switch($strMethod)
{
case "check_login":
ProcessLogin();
break;
case "checklogin";
CheckCookie();
break;
default:
GetLogin();
break;
}

}
else
{
if($strMethod == "logout")
ProcessLogout();
else
ShowLogOut();
}

function CheckCookie()
{



$strQuery = mysql_query("SELECT * FROM users WHERE session = '{$_COOKIE['mem']}'");
if($cookie = mysql_num_rows($strQuery) > 0)
{

//cookie session = stored session, login
$result = mysql_fetch_array($strQuery);
if($dtlsSecurity->StoreSession($result[0], $result[1], $result[3], "{$result[4]},{$result[5]}"))
header("Location: index.php");


}
else
{

//cookie doesnt match any session
setcookie("mem","",time()-1);
header("Location: index.php");


}

}

function GetLogin()
{
?>
<body class="bodyachtergrond"><title>Alleen voor leden van G.C.de Hoogebergsche</title>
<div align="center" class="menheadi"><a href="index.php">Hoofdpagina</a> | <a href="registration.php">Registratie</a> | <a href="login.php">Login</a></div>
<form name="frmLogin" action="login.php" method="post">
<input type="hidden" name="strMethod" value="check_login">
<table align="center">
<tr>
<td width="26%" align="right" class="menheadi"><strong>HB Lidcode&nbsp;&nbsp;</strong></td>
<td width="20">&nbsp;</td>
<td width="74%" class="menheadi"><input name="struName" type="text" value="" size="20" maxlength="20"></td>
</tr>
<tr>
<td width="26%" align="right" class="menheadi"><strong>Paswoord&nbsp;&nbsp;</strong></td>
<td width="20">&nbsp;</td>
<td width="74%" class="menheadi"><input name="strPass" type="password" value="" size="20" maxlength="20"></td>
</tr>
<tr>
<td width="26%" align="right"></td>
<td width="20">&nbsp;</td>
<td width="74%"><input name="strSetCookie" type="checkbox" value="1" checked>Onthouden</td>
</tr>
<?php
if($_POST['strSetCookie'] == 1)
{
mysql_query("UPDATE users SET sessionid = '" . session_id() . "' WHERE username = '$strUser'");
setcookie("mem", session_id(), time()+(3600*24*30*4));
}
?>
<tr>
<td width="26%"></td>
<td width="20">&nbsp;</td>
<td width="74%"><input type="submit" value="Inloggen"></p></td>
</tr>
</form>
</table>
</table>
<?php
}
function ProcessLogin()
{
global $dtlsSecurity;

$strUser = @$_POST["struName"];
$strPass = md5($_POST["strPass"]);

$dbVars = new dbVars();
@$svrConn = mysql_connect($dbVars->strServer, $dbVars->strUser, $dbVars->strPass);

if($svrConn)
{
$dbConn = mysql_select_db($dbVars->strDb, $svrConn);

if($dbConn)
{
$strQuery = "select * from users ";
$strQuery .= "where username = '$strUser' ";
$strQuery .= " and password = '$strPass' ";

$results = mysql_query($strQuery);
$result = mysql_fetch_row($results);

if($result)
{
// Write to the log file
$strLog = "Login OK: {$result[1]}, {$result[3]}, {$result[4]}, {$_SERVER['REMOTE_ADDR']}, " . date("d/m/Y h:i:m A");
$dtlsSecurity->AddLog($strLog);

// Set the login credentials for this user in the tbl_AdminSessions table
if($dtlsSecurity->StoreSession($result[0], $result[1], $result[3], "{$result[4]},{$result[5]}"))
{

if($_POST['strSetCookie'] == 1)
{

mysql_query("UPDATE users SET sessionid = '" . session_id() . "' WHERE username = '$strUser'");
setcookie("mem", session_id(), time()+(3600*24*30*4));

}


header("Location: index.php");

}
else
{
?>
<table>Kon geen nieuwe sessie starten:<br><br><a href="javascript:history.go(-1)">Terug</a>
</table>
</table>
<?php
}
}
else
{
$strLog = "Login Failed: $strUser, $strPass, {$_SERVER['REMOTE_ADDR']}, " . date("d/m/Y h:i:m A");
$dtlsSecurity->AddLog($strLog);

?>
<table>
<div align="center" class="menheadi"><a href="index.php">Hoofdpagina</a> | <a href="registra