Member Avatar for geneh23

Hey everyone!

I have an issue with the my checkuser.php..which is my login check that redirects certain users to a certain page, due to if they logged in as an admin or a regular user..I have a test site on my local server that works fine when I log in but for some reason when I use it for the site that needs to go up..it doesnt work..It just shows a blank checkuser.php and does nothing after login..

checkuser.php

<?php
error_reporting (E_ALL ^ E_NOTICE);
?>
<?php
session_start();

//connect to db
$connect = mysql_connect("*******","*****","*******");
mysql_select_db("******");



$get = mysql_query("SELECT * FROM users WHERE username ='".$_SESSION['username']."'") or die(mysql_error());
while($row = mysql_fetch_array($get)) 
{
   $admin = $row['user_level'];
         if ($admin == 0)
         {
            header("Location: index.php");
         }
        elseif ($admin == 1) 
        {
           header("Location: Blog-admin-area.php");
        }
      else
      {
         echo "this is an invalid status";
         }
}
?>
  • 3 Contributors
  • 12 Replies
  • 216 Views
  • 2 Days Discussion Span
  • Latest Post Latest Post by geneh23
Member Avatar for hielo

try:

<?php
session_start();
error_reporting (E_ALL );


//connect to db
$connect = mysql_connect("*******","*****","*******") or die( mysql_error() );
mysql_select_db("******") or die( mysql_error() );



$get = mysql_query("SELECT * FROM `users` WHERE `username`='".$_SESSION['username']."'") or die(mysql_error());
while($row = mysql_fetch_array($get)) 
{
   $admin = $row['user_level'];
         if ($admin == 0)
         {
            header("Location: index.php");
            exit;
         }
        elseif ($admin == 1) 
        {
           header("Location: Blog-admin-area.php");
           exit;
        }
      else
      {
         echo "this is an invalid status";
         }
}
?>

On another note, are you using a <FORM> to post the username? If yes, then maybe you meant $_POST['username'] instead of $_SESSION['username']

Member Avatar for geneh23

So, it doesn't just go to the checkuser anymore..but when I log in, it goes to the page that it is supposed to but it displays the echo statement "You must be logged in. Click here to login!" so that obviously means somewhere along the line that session gets lost..even though the session variable is on each page..here is the login page and then the admin and user page depending on who is signing in..

login.php (only the php)

<?php
session_start();
 
if(isset($_POST['Submit'])){
$user = $_POST['username'];
$pass = $_POST['password'];
// validate the data
$user = stripslashes($user);
$pass = stripslashes($pass);
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);
 
mysql_connect("127.0.0.1","root","");
mysql_select_db("member");
$select = "SELECT * FROM USERS where username='".$_SESSION['$user']."' && password='".$_SESSION['$pass']."'";
$msq = mysql_query($select);
if(mysql_num_rows($msq)>0)
{
while($row = mysql_fetch_array($msq))
{
$username = $row['username'];
 
$_SESSION['username'] = $username;
echo $_SESSION['username'];
 
}
header("location: checkuser.php");
}}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>
</title>
<link rel="stylesheet" type="text/css" href="CSS/style.css" />
<meta name="description" content="This book will give women, men, and teenagers a different perspective on pregnancy and your life immediately following having kids. This story describes my overall experience being pregnant. This book will prepare all women to make sure that they are ready to get pregnant! I hope you enjoy!!!" />
<meta name="keywords" content="***************,teen,teen mother,TEEN MOTHER,struggle,life,Baby,babysitting,childbirth,pregnancy,giving birth,hospital,health,mom,being a mom,parent,being a parent,Ready or Not,books,story,blog,blogs,email,family," />
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.1/jquery.min.js"></script>
<script type="text/javascript" src="js/main.js"></script>
<script type="text/javascript">
function preload(arrayOfImages) {
    $(arrayOfImages).each(function(){
        $('<Images/>')[0].src = this;
        // Alternatively you could use:
        // (new Images()).src = this;
    });
}

// Usage:

preload([
    'Images/butterfly-background.jpg',
    'Images/book cover2 another version1.jpg',
    'Images/facebook-logo-pink.png'
	'Images/Email-icon.jpg'
	'Images/header-background.jpg'
	'menu-background.jpg'
]);
</script>
</head>
<body>

<div class="container">
<div id="header">
<div id="nav-header">
<a href="index.php"><h1><i>**************</i></h1><h2><i><u>Ready or Not!!</u></i></h2></a>
</div><!-- end of nav-header -->
</div><!-- end of #header -->
<div id="menu">
<ul>
<li><a href="index.php">Home</a></li>
<li><a href="Register1.php">Register</a></li>
<li><a href="AboutMe.html">About Me</a></li>
<li><a href="Blog.php">Blog</a></li>
<li><a href="Buy.php">Buy Now</a></li>
<li><a href="ContactMe.html">Contact Me</a></li>
<li><a href="logout.php">Sign Out</a></li>
</ul>
</div><!-- end of #menu -->
<div id="content">
<div id="inner-content">
<div class="subnav">
<p>Please log in before entering the site!</p>
<div id="ContentForm1_3">
<form action="checkuser.php" method="post" name="" id="">
  <table width="50%" border="0" align="center" cellpadding="4" cellspacing="0">
    <tr> 
      <td width="22%">Username</td>
      <td width="78%"><input name="username" type="text" id="username"></td>
    </tr>
    <tr> 
      <td>Password</td>
      <td><input name="password" type="password" id="password"></td>
    </tr>
    <tr> 
      <td>&nbsp;</td>
      <td><input type="submit" name="Submit" value="Submit"></td>
    </tr>
  </table>
  <div style="margin-left: 180px; margin-top: 5px;">
	<a href="lost_pw.html">Lost Password</a>
	</div>
</form>
</div>
<br />
<br />
<br />
<br />
</div><!-- end of .subnav -->
</div><!-- end of #inner-content -->
<div id="footer">
<div class="left">
&copy; 2011 **************, All Rights Reserved
</div><!-- end of .left -->
<div class="right">
Web Design by <a href="http://www.facebook.com/pages/Gene-Howell/166880296733102?sk=info" target="_blank">Gene Howell</a>. Hosting by <a href="http://www.godaddy.com/default.aspx" target="_blank">Godaddy.com</a>
</div><!-- end of .right -->
</div><!-- end of #footer -->
</div><!-- end of #content -->
</body>
</html>

Here is the blog-admin-area.php (admin page)

<?php

session_start();
include('core/init.inc.php');

if(!isset($_SESSION['username']) || empty($_SESSION['username'])){
   echo "You must be logged in. Click <a href='login.php'>here</a> to login!";
  exit();
}
if(isset($_POST['Submit'])){
$user = $_POST['username'];
$pass = $_POST['password'];
// validate the data
$user = stripslashes($user);
$pass = stripslashes($pass);
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);
 
mysql_connect("***********","******","*******");
mysql_select_db("********");
$select = "SELECT * FROM USERS where username='".$_SESSION['$user']."' && password='".$_SESSION['$pass']."'";
$msq = mysql_query($select);
if(mysql_num_rows($msq)>0)
{
while($row = mysql_fetch_array($msq))
{
$username = $row['username'];
 
$_SESSION['username'] = $username;
echo $_SESSION['username'];
 
}
header("location: checkuser.php");
}}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>
</title>
<link rel="stylesheet" type="text/css" href="CSS/style.css" />
<meta name="description" content="This book will give women, men, and teenagers a different perspective on pregnancy and your life immediately following having kids. This story describes my overall experience being pregnant. This book will prepare all women to make sure that they are ready to get pregnant! I hope you enjoy!!!" />
<meta name="keywords" content="*********,teen,teen mother,TEEN MOTHER,struggle,life,Baby,babysitting,childbirth,pregnancy,giving birth,hospital,health,mom,being a mom,parent,being a parent,Ready or Not,books,story,blog,blogs,email,family," />
<script type="text/javascript">
function preload(arrayOfImages) {
    $(arrayOfImages).each(function(){
        $('<Images/>')[0].src = this;
        // Alternatively you could use:
        // (new Images()).src = this;
    });
}

// Usage:

preload([
    'Images/butterfly-background.jpg',
    'Images/book cover2 another version1.jpg',
    'Images/facebook-logo-pink.png'
	'Images/Email-icon.jpg'
	'Images/header-background.jpg'
	'menu-background.jpg'
]);
</script>
</head>
<body>
<div class="container">
<div id="main-pic">
<a href="AboutMe.html"><div id="main-pic-background"><img src="Images/********.jpeg" width="240px" height="327px" /></div><!-- end of #main-pic-background --></a>
</div><!-- end of #main-pic -->
<div id="side-pic1"><a href="#"><table style="margin-left: 4px; margin-top: 4px;" border="0" width="204px" height="54" cellpadding="0" cellspacing="0">
       <tr>
	<td style="border-top: 1px solid purple; border-left: 1px solid purple; border-bottom: 1px solid purple; padding-left: 5px; padding-right: 15px;"><img src="Images/facebook-logo-pink.png" width="38px" height="38px" /></td>
	<td style="border-top: 1px solid purple; border-right: 1px solid purple; border-bottom: 1px solid purple; color: #000;">Become A Fan of ******** on Facebook</td>
       </tr>
</table></a>
</div><!-- end of #sid-pic1 -->
<div id="side-pic2"><a href="EmailForm.php" target="_blank"><div class="inner-side-pic2"><img src="Images/Email-icon.jpg" width="50px" height="40px" /><div class="inner-side-pic2-text">Shoot ******** an Email!!<!-- end of .inner-side-pic-text --></div></div><!-- end of .inner-side-pic2 --></a></div><!-- end of #side-pic2 -->
<div id="side-pic3">
<a href="Buy.php"><img src="Images/book cover2 another version1.jpg" width="210px" height="300px" /></a></div><!-- end of #side-pic3 -->
<div id="Archives"><p class="archives">Archives</p></div><!-- end of #Archives -->
<div id="Archives-content">
<p class="Archives-content-text"><i>Check Out My Recent Posts!</i></p>
<ul>
	<li><a href="#">November</a></li>
</ul>
</div><!-- end of #Archives-content -->
<div id="side-pic5">
<div class="inner-side-pic5">
<div class="inner-side-pic5-text">
<h3 style="font-size: 20px; font-weight: bold; margin-left: 10px;"><u>Recent Blog Posts</u></h3>
<ul>
	<li><span class="headline"><b>No blogs Have been posted at this time.<b></span></li><br />
	<li><span class="headline">Please check back later for more updates!</b></span></li>
</ul>
</div><!-- end of inner-side-pic4-text -->
</div><!-- end of .inner-side-pic5 -->
</div><!-- end of #side-pic5 -->
<div id="header">
<div id="nav-header">
<a href="index.php"><h1><i>****************</i></h1><h2><i><u>Ready or Not!!</u></i></h2></a>
</div><!-- end of nav-header -->
</div><!-- end of #header -->
<div id="menu">
<ul>
<li><a href="index.php">Home</a></li>
<li><a href="Register1.php">Register</a></li>
<li><a href="AboutMe.html">About Me</a></li>
<li><a href="Blog.php">Blog</a></li>
<li><a href="Buy.php">Buy Now</a></li>
<li><a href="ContactMe.html">Contact Me</a></li>
<li><a href="logout.php">Sign Out</a></li>
</ul>
</div><!-- end of #menu -->
<div id="content">
<div id="login-content">
<u>Log In</u>
<form action="checkuser.php" method="post" name="" id="">
Username:<br />
<input size="10" type="text" name="username" id="username" /><br />
Password:<br />
<input size="10" type="password" name="password" id="password" /><br />
<input type="submit" name="Submit" value="Submit">
</form>
</div><!--end of #login-content-->
<div id="inner-content">
<div class="subnav">
<div style="margin-left: 50px;"><a href="Blog.php">Read Blog</a> | <a href="blog_post.php">Post Blog</a></div>
<?php
			
			$posts = get_posts();
			
			foreach ($posts as $post){
				?>
				<h2 style="margin-left: 80px;"><a href="blog_read.php?pid=<?php echo $post['id']; ?>"><?php echo $post['title']; ?></a></h2>
				<h4 style="margin-left: 80px;">By <?php echo $post['user']; ?> on <?php echo $post['date']; ?></h4>
				<h4 style="margin-left: 80px;">(<?php echo $post['total_comments']; ?> comments, last comment <?php echo $post['last_comment']; ?>)</h4>
				
				<hr style="margin-left: 80px;" width="60%"  />
				
				<p style="margin-left: 80px;"><?php echo $post['preview']; ?></p>
				<?php
			}
			
			?>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<div style="clear: both;"></div>
</div><!-- end of .subnav -->
</div><!-- end of #inner-content -->
<div id="footer">
<div class="left">
&copy; 2011 ************, All Rights Reserved
</div><!-- end of .left -->
<div class="right">
Web Design by <a href="http://www.facebook.com/pages/Gene-Howell/166880296733102?sk=info" target="_blank">Gene Howell</a>. Hosting by <a href="http://www.godaddy.com/default.aspx" target="_blank">Godaddy.com</a>
</div><!-- end of .right -->
</div><!-- end of #footer -->
</div><!-- end of #content -->
</div><!-- end of .container -->
</body>
</html>

and here is the blog.php (user area)

<?php

session_start();
include('core/init.inc.php');

if(!isset($_SESSION['username']) || empty($_SESSION['username'])){
   echo "You must be logged in. Click <a href='login.php'>here</a> to login!";
  exit();
}
if(isset($_POST['Submit'])){
$user = $_POST['username'];
$pass = $_POST['password'];
// validate the data
$user = stripslashes($user);
$pass = stripslashes($pass);
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);
 
mysql_connect("********","*******","**********");
mysql_select_db("*********");
$select = "SELECT * FROM USERS where username='".$_SESSION['$user']."' && password='".$_SESSION['$pass']."'";
$msq = mysql_query($select);
if(mysql_num_rows($msq)>0)
{
while($row = mysql_fetch_array($msq))
{
$username = $row['username'];
 
$_SESSION['username'] = $username;
echo $_SESSION['username'];
 
}
header("location: checkuser.php");
}}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>
</title>
<link rel="stylesheet" type="text/css" href="CSS/style.css" />
<meta name="description" content="This book will give women, men, and teenagers a different perspective on pregnancy and your life immediately following having kids. This story describes my overall experience being pregnant. This book will prepare all women to make sure that they are ready to get pregnant! I hope you enjoy!!!" />
<meta name="keywords" content="************,teen,teen mother,TEEN MOTHER,struggle,life,Baby,babysitting,childbirth,pregnancy,giving birth,hospital,health,mom,being a mom,parent,being a parent,Ready or Not,books,story,blog,blogs,email,family," />
<script type="text/javascript">
function preload(arrayOfImages) {
    $(arrayOfImages).each(function(){
        $('<Images/>')[0].src = this;
        // Alternatively you could use:
        // (new Images()).src = this;
    });
}

// Usage:

preload([
    'Images/butterfly-background.jpg',
    'Images/book cover2 another version1.jpg',
    'Images/facebook-logo-pink.png'
	'Images/Email-icon.jpg'
	'Images/header-background.jpg'
	'menu-background.jpg'
]);
</script>
</head>
<body>
<div class="container">
<div id="main-pic">
<a href="AboutMe.html"><div id="main-pic-background"><img src="Images/********.jpeg" width="240px" height="327px" /></div><!-- end of #main-pic-background --></a>
</div><!-- end of #main-pic -->
<div id="side-pic1"><a href="#"><table style="margin-left: 4px; margin-top: 4px;" border="0" width="204px" height="54" cellpadding="0" cellspacing="0">
       <tr>
	<td style="border-top: 1px solid purple; border-left: 1px solid purple; border-bottom: 1px solid purple; padding-left: 5px; padding-right: 15px;"><img src="Images/facebook-logo-pink.png" width="38px" height="38px" /></td>
	<td style="border-top: 1px solid purple; border-right: 1px solid purple; border-bottom: 1px solid purple; color: #000;">Become A Fan of ******** on Facebook</td>
       </tr>
</table></a>
</div><!-- end of #sid-pic1 -->
<div id="side-pic2"><a href="EmailForm.php" target="_blank"><div class="inner-side-pic2"><img src="Images/Email-icon.jpg" width="50px" height="40px" /><div class="inner-side-pic2-text">Shoot ********* an Email!!<!-- end of .inner-side-pic-text --></div></div><!-- end of .inner-side-pic2 --></a></div><!-- end of #side-pic2 -->
<div id="side-pic3">
<a href="Buy.php"><img src="Images/book cover2 another version1.jpg" width="210px" height="300px" /></a></div><!-- end of #side-pic3 -->
<div id="Archives"><p class="archives">Archives</p></div><!-- end of #Archives -->
<div id="Archives-content">
<p class="Archives-content-text"><i>Check Out My Recent Posts!</i></p>
<ul>
	<li><a href="#">November</a></li>
</ul>
</div><!-- end of #Archives-content -->
<div id="side-pic5">
<div class="inner-side-pic5">
<div class="inner-side-pic5-text">
<h3 style="font-size: 20px; font-weight: bold; margin-left: 10px;"><u>Recent Blog Posts</u></h3>
<ul>
	<li><span class="headline"><b>No blogs Have been posted at this time.<b></span></li><br />
	<li><span class="headline">Please check back later for more updates!</b></span></li>
</ul>
</div><!-- end of inner-side-pic4-text -->
</div><!-- end of .inner-side-pic5 -->
</div><!-- end of #side-pic5 -->
<div id="header">
<div id="nav-header">
<a href="index.php"><h1><i>****************</i></h1><h2><i><u>Ready or Not!!</u></i></h2></a>
</div><!-- end of nav-header -->
</div><!-- end of #header -->
<div id="menu">
<ul>
<li><a href="index.php">Home</a></li>
<li><a href="Register1.php">Register</a></li>
<li><a href="AboutMe.html">About Me</a></li>
<li><a href="Blog.php">Blog</a></li>
<li><a href="Buy.php">Buy Now</a></li>
<li><a href="ContactMe.html">Contact Me</a></li>
<li><a href="logout.php">Sign Out</a></li>
</ul>
</div><!-- end of #menu -->
<div id="content">
<div id="login-content">
<u>Log In</u>
<form action="checkuser.php" method="post" name="" id="">
Username:<br />
<input size="10" type="text" name="username" id="username" /><br />
Password:<br />
<input size="10" type="password" name="password" id="password" /><br />
<input type="submit" name="Submit" value="Submit">
</form>
</div><!--end of #login-content-->
<div id="inner-content">
<div class="subnav">
<h1 style="margin-left: 50px;">My Blogs</h1>
<?php
			
			$posts = get_posts();
			
			foreach ($posts as $post){
				?>
				<h2 style="margin-left: 80px;"><a href="blog_read.php?pid=<?php echo $post['id']; ?>"><?php echo $post['title']; ?></a></h2>
				<h4 style="margin-left: 80px;">By <?php echo $post['user']; ?> on <?php echo $post['date']; ?></h4>
				<h4 style="margin-left: 80px;">(<?php echo $post['total_comments']; ?> comments, last comment <?php echo $post['last_comment']; ?>)</h4>
				
				<hr style="margin-left: 80px;" width="60%"  />
				
				<p style="margin-left: 80px;"><?php echo $post['preview']; ?></p>
				<?php
			}
			
			?>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<div style="clear: both;"></div>
</div><!-- end of .subnav -->
</div><!-- end of #inner-content -->
<div id="footer">
<div class="left">
&copy; 2011 ***********, All Rights Reserved
</div><!-- end of .left -->
<div class="right">
Web Design by <a href="http://www.facebook.com/pages/Gene-Howell/166880296733102?sk=info" target="_blank">Gene Howell</a>. Hosting by <a href="http://www.godaddy.com/default.aspx" target="_blank">Godaddy.com</a>
</div><!-- end of .right -->
</div><!-- end of #footer -->
</div><!-- end of #content -->
</div><!-- end of .container -->
</body>
</html>
Member Avatar for hielo

On all three files you have:

...
$user = $_POST['username'];
$pass = $_POST['password'];
// validate the data
$user = stripslashes($user);
$pass = stripslashes($pass);

//WRONG: You cannot call mysql_real_escape_string() until AFTER you have connected to the DB
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);
 
mysql_connect("127.0.0.1","root","");
mysql_select_db("member");

//WRONG: you cannot use $_SESSION on the query string. You need to use the values submitted
//which you have stored in $user and $password variables
$select = "SELECT * FROM USERS where username='".$_SESSION['$user']."' && password='".$_SESSION['$pass']."'";
$msq = mysql_query($select);
...

change those lines (on all three files) to:

...
$user = $_POST['username'];
$pass = $_POST['password'];

// validate the data
$user = stripslashes($user);
$pass = stripslashes($pass);
 
mysql_connect("127.0.0.1","root","") or die(mysql_error());
mysql_select_db("member") or die(mysql_error());

$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);

$select = "SELECT * FROM USERS where username='". $user ."' AND password='". $pass . "'";
$msq = mysql_query($select) or die(mysql_error());
...
Member Avatar for geneh23

I still get the same result ..resulting in it redirects to the right page but it outputs the message saying "You must be logged in. Click here to login!"..

Member Avatar for hielo

but it outputs the message saying "You must be logged in. Click here to login!"..

change:
if(!isset($_SESSION['username']) || empty($_SESSION['username']))

to:
if(!isset($_POST['Submit']) && (!isset($_SESSION['username']) || empty($_SESSION['username'])))

Edited by mike_2000_17 because: Fixed formatting
Member Avatar for geneh23

I still get the same response.. :/

Member Avatar for hielo

backup your files and then create new files with the code below (make sure you copy and paste). Also, in login.php, be sure to edit the db credentials as well as line 61 (provide email address for $webmaster );

<?php
//login.php
session_start();
$err='';
$file=strip_tags($_SERVER['PHP_SELF']);

if(isset($_POST['Submit']))
{
	mysql_connect('127.0.0.1','root','') or die(mysql_error());
	mysql_select_db('member') or die(mysql_error());

	$user = mysql_real_escape_string(stripslashes($_POST['user']));
	$pass = mysql_real_escape_string(stripslashes($_POST['pass']));

	$select = "SELECT * FROM `USERS` where `username`='".$_POST['user']."' AND `password`='".$_POST['password']."'";
	$msq = mysql_query($select) or die(mysql_error());
	$total=mysql_num_rows($msq);
	if(1==$total)
	{
		$row = mysql_fetch_assoc($msq);
		foreach($row as $k=$v)
		{
			$_SESSION[$k] = $v;
		}
		//there is no need to go to checkuser.php just to figure out the user level.
		//If you look at your query in checkuser, it is also doing 
		//	SELECT * FROM users WHERE username='XXX'
		//That means that if the correct username/password were entered, the query
		//above already got the user-level and is currently stored in $_SESSION['user_level']
		//Thus, instead of redirecting to:
		//	header("location: checkuser.php");
		//and re-querying the db on that other file, attemp to redirect the user
		//on this file (which is what the elseif-else is doing below
		if(isset($_SESSION['returnTo']) && !empty($_SESSION['returnTo']))
		{
			$temp=$_SESSION['returnTo'];
			$_SESSION['returnTo']=NULL;
			header('Location: '.$temp);
		}
		elseif(1==(int)$_SESSION['user_level'])
		{
			header('Location: Blog-admin-area.php');
		}
		else
		{
			header('Location: index.php');		
		}
		exit;
	}
	elseif(0==$total)
	{
		$err='<p>Incorrect username/password</p>';
	}
	else
	{
		$err='<p>We are currently experiencing technical difficulties.  Please try again later.</p>';

		$msg='Error encountered at '.$file.'.  Expected the query to yield zero or one row, but instead the query generated '.$total.' rows.'.PHP_EOL;
		$msg.='The submitted data is as follows:'.PHP_EOL.print_r($_POST,true);

		$webmaster='webmaster@yourdomain.com';
		$to=$webmaster;

		$subject='Error at Login Page';

		$headers='To: '.$to.PHP_EOL;
		$headers.='From: '.$webmaster.PHP_EOL;
		$headers.='Return-Path: '.$webmaster.PHP_EOL;
		
		mail($to,$subject,$msg,$headers);
	}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>
</title>
<link rel="stylesheet" type="text/css" href="CSS/style.css" />
<meta name="description" content="This book will give women, men, and teenagers a different perspective on pregnancy and your life immediately following having kids. This story describes my overall experience being pregnant. This book will prepare all women to make sure that they are ready to get pregnant! I hope you enjoy!!!" />
<meta name="keywords" content="***************,teen,teen mother,TEEN MOTHER,struggle,life,Baby,babysitting,childbirth,pregnancy,giving birth,hospital,health,mom,being a mom,parent,being a parent,Ready or Not,books,story,blog,blogs,email,family," />
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.1/jquery.min.js"></script>
<script type="text/javascript" src="js/main.js"></script>
<script type="text/javascript">
function preload(arrayOfImages) {
    $(arrayOfImages).each(function(){
        $('<Images/>')[0].src = this;
        // Alternatively you could use:
        // (new Images()).src = this;
    });
}

// Usage:

preload([
    'Images/butterfly-background.jpg',
    'Images/book cover2 another version1.jpg',
    'Images/facebook-logo-pink.png'
	'Images/Email-icon.jpg'
	'Images/header-background.jpg'
	'menu-background.jpg'
]);
</script>
</head>
<body>

<div class="container">
<div id="header">
<div id="nav-header">
<a href="index.php"><h1><i>**************</i></h1><h2><i><u>Ready or Not!!</u></i></h2></a>
</div><!-- end of nav-header -->
</div><!-- end of #header -->
<div id="menu">
<ul>
<li><a href="index.php">Home</a></li>
<li><a href="Register1.php">Register</a></li>
<li><a href="AboutMe.html">About Me</a></li>
<li><a href="Blog.php">Blog</a></li>
<li><a href="Buy.php">Buy Now</a></li>
<li><a href="ContactMe.html">Contact Me</a></li>
<li><a href="logout.php">Sign Out</a></li>
</ul>
</div><!-- end of #menu -->
<div id="content">
<div id="inner-content">
<div class="subnav">
<p>Please log in before entering the site!</p>
<div id="ContentForm1_3">
<?php
if(!empty($err))
{
	echo $err;
}
?>
<form action="<?php echo $file;?>" method="post">
  <table width="50%" border="0" align="center" cellpadding="4" cellspacing="0">
    <tr> 
      <td width="22%">Username</td>
      <td width="78%"><input name="username" type="text" id="username"></td>
    </tr>
    <tr> 
      <td>Password</td>
      <td><input name="password" type="password" id="password"></td>
    </tr>
    <tr> 
      <td>&nbsp;</td>
      <td><input type="submit" name="Submit" value="Submit"></td>
    </tr>
  </table>
  <div style="margin-left: 180px; margin-top: 5px;">
	<a href="lost_pw.html">Lost Password</a>
	</div>
</form>
</div>
<br />
<br />
<br />
<br />
</div><!-- end of .subnav -->
</div><!-- end of #inner-content -->
<div id="footer">
<div class="left">
&copy; 2011 **************, All Rights Reserved
</div><!-- end of .left -->
<div class="right">
Web Design by <a href="http://www.facebook.com/pages/Gene-Howell/166880296733102?sk=info" target="_blank">Gene Howell</a>. Hosting by <a href="http://www.godaddy.com/default.aspx" target="_blank">Godaddy.com</a>
</div><!-- end of .right -->
</div><!-- end of #footer -->
</div><!-- end of #content -->
</body>
</html>
<?php
//blog.php
session_start();

include('core/init.inc.php');

if(!isset($_SESSION['username']) || empty($_SESSION['username']))
{
	$_SESSION['returnTo']='blog.php';
	echo "You must be logged in. Click <a href='login.php'>here</a> to login!";
	exit();
}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>
</title>
<link rel="stylesheet" type="text/css" href="CSS/style.css" />
<meta name="description" content="This book will give women, men, and teenagers a different perspective on pregnancy and your life immediately following having kids. This story describes my overall experience being pregnant. This book will prepare all women to make sure that they are ready to get pregnant! I hope you enjoy!!!" />
<meta name="keywords" content="************,teen,teen mother,TEEN MOTHER,struggle,life,Baby,babysitting,childbirth,pregnancy,giving birth,hospital,health,mom,being a mom,parent,being a parent,Ready or Not,books,story,blog,blogs,email,family," />
<script type="text/javascript">
function preload(arrayOfImages) {
    $(arrayOfImages).each(function(){
        $('<Images/>')[0].src = this;
        // Alternatively you could use:
        // (new Images()).src = this;
    });
}

// Usage:

preload([
    'Images/butterfly-background.jpg',
    'Images/book cover2 another version1.jpg',
    'Images/facebook-logo-pink.png'
	'Images/Email-icon.jpg'
	'Images/header-background.jpg'
	'menu-background.jpg'
]);
</script>
</head>
<body>
<div class="container">
<div id="main-pic">
<a href="AboutMe.html"><div id="main-pic-background"><img src="Images/********.jpeg" width="240px" height="327px" /></div><!-- end of #main-pic-background --></a>
</div><!-- end of #main-pic -->
<div id="side-pic1"><a href="#"><table style="margin-left: 4px; margin-top: 4px;" border="0" width="204px" height="54" cellpadding="0" cellspacing="0">
       <tr>
	<td style="border-top: 1px solid purple; border-left: 1px solid purple; border-bottom: 1px solid purple; padding-left: 5px; padding-right: 15px;"><img src="Images/facebook-logo-pink.png" width="38px" height="38px" /></td>
	<td style="border-top: 1px solid purple; border-right: 1px solid purple; border-bottom: 1px solid purple; color: #000;">Become A Fan of ******** on Facebook</td>
       </tr>
</table></a>
</div><!-- end of #sid-pic1 -->
<div id="side-pic2"><a href="EmailForm.php" target="_blank"><div class="inner-side-pic2"><img src="Images/Email-icon.jpg" width="50px" height="40px" /><div class="inner-side-pic2-text">Shoot ********* an Email!!<!-- end of .inner-side-pic-text --></div></div><!-- end of .inner-side-pic2 --></a></div><!-- end of #side-pic2 -->
<div id="side-pic3">
<a href="Buy.php"><img src="Images/book cover2 another version1.jpg" width="210px" height="300px" /></a></div><!-- end of #side-pic3 -->
<div id="Archives"><p class="archives">Archives</p></div><!-- end of #Archives -->
<div id="Archives-content">
<p class="Archives-content-text"><i>Check Out My Recent Posts!</i></p>
<ul>
	<li><a href="#">November</a></li>
</ul>
</div><!-- end of #Archives-content -->
<div id="side-pic5">
<div class="inner-side-pic5">
<div class="inner-side-pic5-text">
<h3 style="font-size: 20px; font-weight: bold; margin-left: 10px;"><u>Recent Blog Posts</u></h3>
<ul>
	<li><span class="headline"><b>No blogs Have been posted at this time.<b></span></li><br />
	<li><span class="headline">Please check back later for more updates!</b></span></li>
</ul>
</div><!-- end of inner-side-pic4-text -->
</div><!-- end of .inner-side-pic5 -->
</div><!-- end of #side-pic5 -->
<div id="header">
<div id="nav-header">
<a href="index.php"><h1><i>****************</i></h1><h2><i><u>Ready or Not!!</u></i></h2></a>
</div><!-- end of nav-header -->
</div><!-- end of #header -->
<div id="menu">
<ul>
<li><a href="index.php">Home</a></li>
<li><a href="Register1.php">Register</a></li>
<li><a href="AboutMe.html">About Me</a></li>
<li><a href="Blog.php">Blog</a></li>
<li><a href="Buy.php">Buy Now</a></li>
<li><a href="ContactMe.html">Contact Me</a></li>
<li><a href="logout.php">Sign Out</a></li>
</ul>
</div><!-- end of #menu -->
<div id="content">
<div id="login-content">
<u>Log In</u>
<form action="login.php" method="post" >
Username:<br />
<input size="10" type="text" name="username" id="username" /><br />
Password:<br />
<input size="10" type="password" name="password" id="password" /><br />
<input type="submit" name="Submit" value="Submit">
</form>
</div><!--end of #login-content-->
<div id="inner-content">
<div class="subnav">
<h1 style="margin-left: 50px;">My Blogs</h1>
<?php
			
			$posts = get_posts();
			
			foreach ($posts as $post){
				?>
				<h2 style="margin-left: 80px;"><a href="blog_read.php?pid=<?php echo $post['id']; ?>"><?php echo $post['title']; ?></a></h2>
				<h4 style="margin-left: 80px;">By <?php echo $post['user']; ?> on <?php echo $post['date']; ?></h4>
				<h4 style="margin-left: 80px;">(<?php echo $post['total_comments']; ?> comments, last comment <?php echo $post['last_comment']; ?>)</h4>
				
				<hr style="margin-left: 80px;" width="60%"  />
				
				<p style="margin-left: 80px;"><?php echo $post['preview']; ?></p>
				<?php
			}
			
			?>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<div style="clear: both;"></div>
</div><!-- end of .subnav -->
</div><!-- end of #inner-content -->
<div id="footer">
<div class="left">
&copy; 2011 ***********, All Rights Reserved
</div><!-- end of .left -->
<div class="right">
Web Design by <a href="http://www.facebook.com/pages/Gene-Howell/166880296733102?sk=info" target="_blank">Gene Howell</a>. Hosting by <a href="http://www.godaddy.com/default.aspx" target="_blank">Godaddy.com</a>
</div><!-- end of .right -->
</div><!-- end of #footer -->
</div><!-- end of #content -->
</div><!-- end of .container -->
</body>
</html>
<?php
//Blog-admin-area.php
session_start();
include('core/init.inc.php');

if(!isset($_SESSION['username']) || empty($_SESSION['username']))
{
	$_SESSION['returnTo']='Blog-admin-area.php';
	echo "<p>You must be logged in. Click <a href='login.php'>here</a> to login!</p>";
	exit;
}
elseif(1!=(int)$_SESSION['user_level'])
{
	echo '<p>You are not allowed to access this page</p>';
	exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>
</title>
<link rel="stylesheet" type="text/css" href="CSS/style.css" />
<meta name="description" content="This book will give women, men, and teenagers a different perspective on pregnancy and your life immediately following having kids. This story describes my overall experience being pregnant. This book will prepare all women to make sure that they are ready to get pregnant! I hope you enjoy!!!" />
<meta name="keywords" content="*********,teen,teen mother,TEEN MOTHER,struggle,life,Baby,babysitting,childbirth,pregnancy,giving birth,hospital,health,mom,being a mom,parent,being a parent,Ready or Not,books,story,blog,blogs,email,family," />
<script type="text/javascript">
function preload(arrayOfImages) {
    $(arrayOfImages).each(function(){
        $('<Images/>')[0].src = this;
        // Alternatively you could use:
        // (new Images()).src = this;
    });
}

// Usage:

preload([
    'Images/butterfly-background.jpg',
    'Images/book cover2 another version1.jpg',
    'Images/facebook-logo-pink.png'
	'Images/Email-icon.jpg'
	'Images/header-background.jpg'
	'menu-background.jpg'
]);
</script>
</head>
<body>
<div class="container">
<div id="main-pic">
<a href="AboutMe.html"><div id="main-pic-background"><img src="Images/********.jpeg" width="240px" height="327px" /></div><!-- end of #main-pic-background --></a>
</div><!-- end of #main-pic -->
<div id="side-pic1"><a href="#"><table style="margin-left: 4px; margin-top: 4px;" border="0" width="204px" height="54" cellpadding="0" cellspacing="0">
       <tr>
	<td style="border-top: 1px solid purple; border-left: 1px solid purple; border-bottom: 1px solid purple; padding-left: 5px; padding-right: 15px;"><img src="Images/facebook-logo-pink.png" width="38px" height="38px" /></td>
	<td style="border-top: 1px solid purple; border-right: 1px solid purple; border-bottom: 1px solid purple; color: #000;">Become A Fan of ******** on Facebook</td>
       </tr>
</table></a>
</div><!-- end of #sid-pic1 -->
<div id="side-pic2"><a href="EmailForm.php" target="_blank"><div class="inner-side-pic2"><img src="Images/Email-icon.jpg" width="50px" height="40px" /><div class="inner-side-pic2-text">Shoot ******** an Email!!<!-- end of .inner-side-pic-text --></div></div><!-- end of .inner-side-pic2 --></a></div><!-- end of #side-pic2 -->
<div id="side-pic3">
<a href="Buy.php"><img src="Images/book cover2 another version1.jpg" width="210px" height="300px" /></a></div><!-- end of #side-pic3 -->
<div id="Archives"><p class="archives">Archives</p></div><!-- end of #Archives -->
<div id="Archives-content">
<p class="Archives-content-text"><i>Check Out My Recent Posts!</i></p>
<ul>
	<li><a href="#">November</a></li>
</ul>
</div><!-- end of #Archives-content -->
<div id="side-pic5">
<div class="inner-side-pic5">
<div class="inner-side-pic5-text">
<h3 style="font-size: 20px; font-weight: bold; margin-left: 10px;"><u>Recent Blog Posts</u></h3>
<ul>
	<li><span class="headline"><b>No blogs Have been posted at this time.<b></span></li><br />
	<li><span class="headline">Please check back later for more updates!</b></span></li>
</ul>
</div><!-- end of inner-side-pic4-text -->
</div><!-- end of .inner-side-pic5 -->
</div><!-- end of #side-pic5 -->
<div id="header">
<div id="nav-header">
<a href="index.php"><h1><i>****************</i></h1><h2><i><u>Ready or Not!!</u></i></h2></a>
</div><!-- end of nav-header -->
</div><!-- end of #header -->
<div id="menu">
<ul>
<li><a href="index.php">Home</a></li>
<li><a href="Register1.php">Register</a></li>
<li><a href="AboutMe.html">About Me</a></li>
<li><a href="Blog.php">Blog</a></li>
<li><a href="Buy.php">Buy Now</a></li>
<li><a href="ContactMe.html">Contact Me</a></li>
<li><a href="logout.php">Sign Out</a></li>
</ul>
</div><!-- end of #menu -->
<div id="content">
<div id="login-content">
<u>Log In</u>
<form action="login.php" method="post">
Username:<br />
<input size="10" type="text" name="username" id="username" /><br />
Password:<br />
<input size="10" type="password" name="password" id="password" /><br />
<input type="submit" name="Submit" value="Submit">
</form>
</div><!--end of #login-content-->
<div id="inner-content">
<div class="subnav">
<div style="margin-left: 50px;"><a href="Blog.php">Read Blog</a> | <a href="blog_post.php">Post Blog</a></div>
<?php
			
			$posts = get_posts();
			
			foreach ($posts as $post){
				?>
				<h2 style="margin-left: 80px;"><a href="blog_read.php?pid=<?php echo $post['id']; ?>"><?php echo $post['title']; ?></a></h2>
				<h4 style="margin-left: 80px;">By <?php echo $post['user']; ?> on <?php echo $post['date']; ?></h4>
				<h4 style="margin-left: 80px;">(<?php echo $post['total_comments']; ?> comments, last comment <?php echo $post['last_comment']; ?>)</h4>
				
				<hr style="margin-left: 80px;" width="60%"  />
				
				<p style="margin-left: 80px;"><?php echo $post['preview']; ?></p>
				<?php
			}
			
			?>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<div style="clear: both;"></div>
</div><!-- end of .subnav -->
</div><!-- end of #inner-content -->
<div id="footer">
<div class="left">
&copy; 2011 ************, All Rights Reserved
</div><!-- end of .left -->
<div class="right">
Web Design by <a href="http://www.facebook.com/pages/Gene-Howell/166880296733102?sk=info" target="_blank">Gene Howell</a>. Hosting by <a href="http://www.godaddy.com/default.aspx" target="_blank">Godaddy.com</a>
</div><!-- end of .right -->
</div><!-- end of #footer -->
</div><!-- end of #content -->
</div><!-- end of .container -->
</body>
</html>
Member Avatar for geneh23

I get this for the login.php page

"Parse error: syntax error, unexpected '=', expecting ')' in C:\Program Files (x86)\EasyPHP-5.3.8.1\www\Test\logIn.php on line 21"

Member Avatar for diafol

WOW - 500 lines of code! Is the whole lot giving you a problem or could you cut it down to a digestible size?

Member Avatar for geneh23

ok, sorry these are the three bits of php for the login, admin page..and user page that give me issues..when I login..it wont keep me logged in and goes to to directed page but it says I need to log in again..

login.php

<?php
session_start();
 
if(isset($_POST['Submit'])){
$user = $_POST['username'];
$pass = $_POST['password'];
// validate the data
$user = stripslashes($user);
$pass = stripslashes($pass);
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);
 
mysql_connect("********","******","******");
mysql_select_db("*******");
$select = "SELECT * FROM USERS where username='".$_SESSION['$user']."' && password='".$_SESSION['$pass']."'";
$msq = mysql_query($select);
if(mysql_num_rows($msq)>0)
{
while($row = mysql_fetch_array($msq))
{
$username = $row['username'];
 
$_SESSION['username'] = $username;
echo $_SESSION['username'];
 
}
header("location: checkuser.php");
}}
?>

checkuser.php(script that runs after login process to direct user depending on user-level)

<?php
session_start();
error_reporting (E_ALL );
 
 
//connect to db
$connect = mysql_connect("*********","********","******") or die( mysql_error() );
mysql_select_db("******") or die( mysql_error() );
 
 
 
$get = mysql_query("SELECT * FROM `users` WHERE `username`='".$_POST['username']."'") or die(mysql_error());
while($row = mysql_fetch_array($get)) 
{
   $admin = $row['user_level'];
         if ($admin == 0)
         {
            header("Location: index.php");
            exit;
         }
        elseif ($admin == 1) 
        {
           header("Location: Blog-admin-area.php");
           exit;
        }
      else
      {
         echo "this is an invalid status";
         }
}
?>

blog.php(user-area)

<?php

session_start();
include('core/init.inc.php');

if(!isset($_POST['Submit']) && (!isset($_SESSION['username']) || empty($_SESSION['username'])))
{
   echo "You must be logged in. Click <a href='login.php'>here</a> to login!";
  exit();
}
if(isset($_POST['Submit'])){
$user = $_POST['username'];
$pass = $_POST['password'];
 
// validate the data
$user = stripslashes($user);
$pass = stripslashes($pass);
 
mysql_connect("*******","******","*****") or die(mysql_error());
mysql_select_db("********") or die(mysql_error());
 
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);
 
$select = "SELECT * FROM USERS where username='". $user ."' AND password='". $pass . "'";
$msq = mysql_query($select) or die(mysql_error());
if(mysql_num_rows($msq)>0)
{
while($row = mysql_fetch_array($msq))
{
$username = $row['username'];
 
$_SESSION['username'] = $username;
echo $_SESSION['username'];
 
}
header("location: checkuser.php");
}}
?>

blog-admin-area.php(admin page)

<?php

session_start();
include('core/init.inc.php');

if(!isset($_POST['Submit']) && (!isset($_SESSION['username']) || empty($_SESSION['username'])))
{
   echo "You must be logged in. Click <a href='login.php'>here</a> to login!";
  exit();
}
if(isset($_POST['Submit'])){
$user = $_POST['username'];
$pass = $_POST['password'];
 
// validate the data
$user = stripslashes($user);
$pass = stripslashes($pass);
 
mysql_connect("*******","******","*******") or die(mysql_error());
mysql_select_db("********") or die(mysql_error());
 
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);
 
$select = "SELECT * FROM USERS where username='". $user ."' AND password='". $pass . "'";
$msq = mysql_query($select) or die(mysql_error());
if(mysql_num_rows($msq)>0)
{
while($row = mysql_fetch_array($msq))
{
$username = $row['username'];
 
$_SESSION['username'] = $username;
echo $_SESSION['username'];
 
}
header("location: checkuser.php");
}}
?>
Member Avatar for hielo

I re-coded the files for you. The version of login.php you have above is NOT the one I gave you. Use the three files I gave you (which have absolutely no use for check_user.php. Read the comments in my version of login.php to find out why you don't need check_user.php).

Additionally, the error on line 21 of my version of login.php is the foreach. It should be:
foreach($row as $k=>$v)

Edited by mike_2000_17 because: Fixed formatting
Member Avatar for geneh23

It's working!!! Thanks @hielo and everyone else who delt with my stupidity!!

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.