I am trying to get a user to insert value of specific row in db table. However I keep getting an error: Call to a member function register()
Here is the php and html code that I am using to update the table
<?php
ini_set("log_errors", 1);
ini_set("error_log", "/tmp/php-error.log");
session_start();
require_once 'class.user.php';
$user_home = new USER();
if(!$user_home->is_logged_in())
{
$user_home->redirect('index.php');
}
$stmt = $user_home->runQuery("SELECT * FROM tbl_client_info WHERE UCODE=:uid");
$stmt->execute(array(":uid"=>$_SESSION['userSession']));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() == 1)
{
if(isset($_POST['submit']))
{
$purchasedata = $_POST['purchasedata'];
$cpurchasedata = $_POST['cpurchasedata'];
if($cpurchasedata!==$purchasedata)
{
$msg = "<div class='alert alert-block'>
<button class='close' data-dismiss='alert'>×</button>
<strong>Sorry!</strong> Input Does Not Match. Make sure the details match.
</div>";
}
else
{
$stmt = $user-> register("UPDATE tbl_client_info SET purchasedata=? WHERE UCODE=:uid");
$stmt->execute(array(":purchasedata"=>$purchasedata,":uid"=>$rows['UCODE']));
//
$msg = "<div class='alert alert-success'>
<button class='close' data-dismiss='alert'>×</button>
Okay, we have added data to your account.
</div>";
}
}
}
else
{
$msg = "<div class='alert alert-success'>
<button class='close' data-dismiss='alert'>×</button>
No Sorry That Did Not Work, Try again
</div>";
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Forgot Password</title>
<!-- Bootstrap -->
<link href="bootstrap/css/bootstrap.min.css" rel="stylesheet" media="screen">
<link href="bootstrap/css/bootstrap.css" rel="stylesheet" media="screen">
<link href="bootstrap/css/bootstrap-responsive.min.css" rel="stylesheet" media="screen">
<link href="assets/styles.css" rel="stylesheet" media="screen">
<link href="css/bootstrap.min.css" rel="stylesheet">
<link href="fonts/css/font-awesome.min.css" rel="stylesheet">
<link href="css/animate.min.css" rel="stylesheet">
<!-- HTML5 shim, for IE6-8 support of HTML5 elements -->
<!--[if lt IE 9]>
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<!-- Custom styling plus plugins -->
<link href="css/custom.css" rel="stylesheet">
<link href="css/icheck/flat/green.css" rel="stylesheet">
<script src="js/vendor/modernizr-2.6.2-respond-1.1.0.min.js"></script>
<!-- Sweet Alert -->
<script src="dist/sweetalert-dev.js"></script>
<link rel="stylesheet" href="dist/sweetalert.css">
<!--.......................-->
</head>
<body style="background:#f3f3f3;">
<div id="wrapper">
<div id="login_content" class="animate form">
<section class="login_content">
<form method="post">
<h1>Purchase Data</h1>
<div class='alert alert-success'>
<strong>Hello </strong><?php echo $row['firstname'] ?>! //add more text here
</div>
<?php
if(isset($msg))
{
echo $msg;
}
?>
<input type="text" class="input-block-level" placeholder="500mb" name="purchasedata" required />
<input type="text" class="input-block-level" placeholder="Retype the bundle" name="cpurchasedata" required />
<hr />
<button class="btn btn-large btn-primary" type="submit" name="btn-update-data">Add data to my account</button>
<div class="clearfix"></div>
<div class="separator">
<p class="change_link">All Done ?
Go Home
my class.user.php looks like this:
<?php
require_once 'dbconfig.php';
class USER
{
private $conn;
public function __construct()
{
$database = new Database();
$db = $database->dbConnection();
$this->conn = $db;
}
public function runQuery($sql)
{
$stmt = $this->conn->prepare($sql);
return $stmt;
}
public function lasdID()
{
$stmt = $this->conn->lastInsertId();
return $stmt;
}
public function register($uname,$email,$upass,$code,$purchasedata)
{
try
{
$password = md5($upass);
$stmt = $this->conn->prepare("INSERT INTO tbl_client_info(User_Name,billingemail,password,purchasedata,tokenCode)
VALUES(:User_Name, :billingemail, :password, :purchasedata, :active_code)");
$stmt->bindparam(":user_name",$uname);
$stmt->bindparam(":user_mail",$email);
$stmt->bindparam(":user_pass",$password);
$stmt->bindparam(":active_code",$code);
$stmt->bindparam(":purchasedata",$purchasedata);
$stmt->execute();
return $stmt;
}
What is it that I am doing wrong? I have searched the error, but I can't see where I have gone wrong. Any help or links to help would be appreciated.
$user should be $user_home. You have used the wrong varible while calling register function.
Related
I am trying to insert form data to my profile table when I click the add button, but whenever I test my code below it just reloads my add.php page and clears the form instead of adding it to my table.
add.php code:
<?php
//connection to the database
$pdo = require_once 'pdo.php';
session_start();
//if user is not logged in redirect back to index.php with an error message
if(!isset($_SESSION['user_id'])){
die("ACCESS DENIED");
return;
}
//if the user requested cancel go back to index.php
if(isset($_POST['cancel'])){
header('Location: index.php');
return;
}
//handling incoming data
$uid = $_SESSION['user_id'];
if (isset($_POST['first_name']) && isset($_POST['last_name']) &&
isset($_POST['email']) && isset($_POST['headline']) && isset($_POST['summary'])){
if (strlen($_POST['first_name']) == 0 || strlen($_POST['last_name']) == 0 ||
strlen($_POST['email']) || strlen($_POST['headline']) == 0 || strlen($_POST['summary']) == 0){
$_SESSION['error'] = "All fields are required";
header("Location: add.php");
return;
}
if(strpos($_POST['email'], '#') === false){
$_SESSION['error'] = "Email address must contain #";
header("Location: add.php");
return;
}
$stmt = $pdo->prepare('INSERT INTO profile
(user_id, first_name, last_name, email, headline, summary)
VALUES ( :uid, :fn, :ln, :em, :he, :su)');
$stmt->execute(array(
':uid' => $uid,
':fn' => $_POST['first_name'],
':ln' => $_POST['last_name'],
':em' => $_POST['email'],
':he' => $_POST['headline'],
':su' => $_POST['summary'])
);
$_SESSION['success'] = "profile added";
header("location: index.php");
return;
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Mandla'ke Makondo's Profile Add</title>
<!-- bootstrap.php - this is HTML -->
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"
integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7"
crossorigin="anonymous">
<!-- Optional theme -->
<link rel="stylesheet"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css"
integrity="sha384-fLW2N01lMqjakBkx3l/M9EahuwpSfeNvV63J5ezn3uZzapT0u7EYsXMjQV+0En5r"
crossorigin="anonymous">
</head>
<body>
<div class="container">
<h1>Adding Profile for UMSI</h1>
<form method="post" action="index.php">
<p>First Name:
<input type="text" name="first_name" size="60"/></p>
<p>Last Name:
<input type="text" name="last_name" size="60"/></p>
<p>Email:
<input type="text" name="email" size="30"/></p>
<p>Headline:<br/>
<input type="text" name="headline" size="80"/></p>
<p>Summary:<br/>
<textarea name="summary" rows="8" cols="80"></textarea>
<p>
<input type="submit" name="add" value="Add">
<input type="submit" name="cancel" value="Cancel">
</p>
</form>
</div>
</body>
</html>
here I created my connection to the database using pdo connection and also require my config.php file for database sign in credentials
here is my pdo.php code:
<?php
require_once 'config.php';
//setting DSN
$dsn = "mysql:host=$host;dbname=$dbname;charset=UTF8";
//creating a PDO instance
try{
$pdo = new PDO($dsn, $user, $password);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
if($pdo){
echo "database connected Successfully";
return;
}
}catch(PDOException $e){
echo $e->getMessage();
}
?>
my database sign in credentials are in this file, the username, password and dbname are not necessarily correct, I only changed them for the sake of asking.
here is my config.php code:
<?php
//my variables
$host = 'localhost';
$user = 'myusername';
$password = 'mypass';
$dbname = 'mydb';
?>
my index.php code has a static display for the profile entries, I wanted to be able to add the profiles first so I can make it dynamically display the profiles but here is my index.php code:
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title>Mandla'ke Makondo's Resume Registry</title>
<!-- bootstrap.php - this is HTML -->
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"
integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7"
crossorigin="anonymous">
<!-- Optional theme -->
<link rel="stylesheet"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css"
integrity="sha384-fLW2N01lMqjakBkx3l/M9EahuwpSfeNvV63J5ezn3uZzapT0u7EYsXMjQV+0En5r"
crossorigin="anonymous">
</head>
<body>
<div class="container">
<h1>Mandla'ke Makondo's Resume Registry</h1>
<p>
<?php
if(isset($_SESSION['user_id'])){
echo " <a href='logout.php'>Logout</a>";
}
if(!isset($_SESSION['user_id'])){
echo "<a href='login.php'>Please log in</a>";
}
?>
</p>
<?php
if(isset($_SESSION['user_id'])){
echo"<table border = '1'>
<tr><th>Name</th><th>Headline</th><th>Action</th><tr><tr><td>
<a href='view.php?profile_id=5634'>srghrsh yteu yt uuu</a></td><td>
eyetu e5u5</td><td><a href = 'edit.php'>Edit</a> <a href = 'delete.php'>Delete</a></td></tr>
</table>";
echo "<a href='add.php'>Add New Entry</a>";
}
if(!isset($_SESSION['user_id'])){
echo "<table border='1'>
<tr><th>Name</th><th>Headline</th>
<tr>
<tr><td>
<a href='view.php?profile_id=5634'>srghrsh yteu yt uuu</a></td><td>
eyetu e5u5</td></tr>
</table>";
}
?>
</div>
</body>
enter code here
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title>Mandla'ke Makondo's Resume Registry</title>
<!-- bootstrap.php - this is HTML -->
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"
integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7"
crossorigin="anonymous">
<!-- Optional theme -->
<link rel="stylesheet"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css"
integrity="sha384-fLW2N01lMqjakBkx3l/M9EahuwpSfeNvV63J5ezn3uZzapT0u7EYsXMjQV+0En5r"
crossorigin="anonymous">
</head>
<body>
<div class="container">
<h1>Mandla'ke Makondo's Resume Registry</h1>
<p>
<?php
if(isset($_SESSION['user_id'])){
echo " <a href='logout.php'>Logout</a>";
}
if(!isset($_SESSION['user_id'])){
echo "<a href='login.php'>Please log in</a>";
}
?>
</p>
<?php
if(isset($_SESSION['user_id'])){
echo"<table border = '1'>
<tr><th>Name</th><th>Headline</th><th>Action</th><tr><tr><td>
<a href='view.php?profile_id=5634'>srghrsh yteu yt uuu</a></td><td>
eyetu e5u5</td><td><a href = 'edit.php'>Edit</a> <a href = 'delete.php'>Delete</a></td></tr>
</table>";
echo "<a href='add.php'>Add New Entry</a>";
}
if(!isset($_SESSION['user_id'])){
echo "<table border='1'>
<tr><th>Name</th><th>Headline</th>
<tr>
<tr><td>
<a href='view.php?profile_id=5634'>srghrsh yteu yt uuu</a></td><td>
eyetu e5u5</td></tr>
</table>";
}
?>
</div>
</body>
I'm trying to retrieve my logged in user data to no avail. Please check my
enter code here private function getUserData($user_name)
{
// if database connection opened
if ($this->databaseConnection()) {
// database query, getting all the info of the selected user
$query_user = $this->db_connection->prepare("SELECT * FROM users WHERE user_name='$_SESSION['user_name']'");
$query_user->bindValue(':user_name', $user_name, PDO::PARAM_STR);
$query_user->execute();
// get result row (as an object)
return $query_user->fetchObject();
} else {
return false;
}
}
Got the way to move about it ,Thanks #ADyson for the response and follow up
code:
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>YOUR ORDER , We will contact you in a few !!!!</title>
<link href="assets/css/bootstrap.min.css" rel="stylesheet">
<link href="assets/css/main.css" rel="stylesheet">
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body>
<?php include 'header.php'; ?>
<section>
<div class="container">
<strong class="title">MY ORDERS</strong>
</div>
<div class="profile-box box-left">
<?php
require('db.php');
// SQL query
$strSQL = "SELECT user_name, phone, firstname, lastname, service, referal,user_registration_datetime FROM users WHERE user_name = '".$_SESSION['user_name']."'";
// Execute the query (the recordset $rs contains the result)
$rs = mysqli_query($myConnection, $strSQL);
// Loop the recordset $rs
// Each row will be made into an array ($row) using mysqli_fetch_array
while($row = mysqli_fetch_array($rs)) {
echo WORDING_PROFILE_PICTURE . '<br/>' . $login->user_gravatar_image_tag;
echo "<div class='info'> <strong>NAME:</strong> <span>".$row['firstname'].", ".$row['lastname']."</span></div>";
echo "<div class='info'><strong>phone No:</strong> <span>".$row['phone']."</span></div>";
echo "<div class='info'><strong>SERVICE:</strong> <span>".$row['service']."</span></div>";
echo "<div class='info'><strong>REFERAL:</strong> <span>".$row['referal']."</span></div>";
echo "<div class='info'><strong>DATE QUERIED:</strong> <span>".$row['user_registration_datetime']."</span></div>";
}
// Close the database connection
mysqli_close($myConnection);
?>
<div class="options">
<a class="btn btn-primary" href="editprofile.php">Edit Profile</a>
<a class="btn btn-success" href="changepassword.php">Change Password</a>
</div>
</div>
</section>
<script src="assets/js/jquery-3.1.1.min.js"></script>
<script src="assets/js/bootstrap.min.js"></script>
<script src="assets/js/main.js"></script>
</body>
</html>
Okay I can't get this figured out.
I want a logged in user to update a row with an amount (INT), I keep getting the invalid parameter error as well as a Call to member function execute() on a non-object.
Here is the php and html that should update the db
<?php
ini_set("log_errors", 1);
ini_set("error_log", "/tmp/php-error.log");
session_start();
require_once 'class.user.php';
$user_home = new USER();
if(!$user_home->is_logged_in())
{
$user_home->redirect('index.php');
}
$stmt = $user_home->runQuery("SELECT * FROM tbl_client_info WHERE UCODE=:uid");
$stmt->execute(array(":uid"=>$_SESSION['userSession']));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() == 1)
{
if(isset($_POST['btn-update-data']))
{
$purchasedata = $_POST['purchasedata'];
$cpurchasedata = $_POST['cpurchasedata'];
if($cpurchasedata!==$purchasedata)
{
$msg = "<div class='alert alert-block'>
<button class='close' data-dismiss='alert'>×</button>
<strong>Sorry!</strong> Input Does Not Match. Make sure the details match.
</div>";
}
else
{
$stmt = $user_home->register("INSERT INTO tbl_client_info (purchasedata) VALUES (?)");
$stmt->execute(array(":purchasedata"=>$purchasedata));
//
$msg = "<div class='alert alert-success'>
<button class='close' data-dismiss='alert'>×</button>
Okay, we have added data to your account.
</div>";
}
}
}
else
{
$msg = "<div class='alert alert-success'>
<button class='close' data-dismiss='alert'>×</button>
No Sorry That Did Not Work, Try again
</div>";
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Forgot Password</title>
<!-- Bootstrap -->
<link href="bootstrap/css/bootstrap.min.css" rel="stylesheet" media="screen">
<link href="bootstrap/css/bootstrap.css" rel="stylesheet" media="screen">
<link href="bootstrap/css/bootstrap-responsive.min.css" rel="stylesheet" media="screen">
<link href="assets/styles.css" rel="stylesheet" media="screen">
<link href="css/bootstrap.min.css" rel="stylesheet">
<link href="fonts/css/font-awesome.min.css" rel="stylesheet">
<link href="css/animate.min.css" rel="stylesheet">
<!-- HTML5 shim, for IE6-8 support of HTML5 elements -->
<!--[if lt IE 9]>
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<!-- Custom styling plus plugins -->
<link href="css/custom.css" rel="stylesheet">
<link href="css/icheck/flat/green.css" rel="stylesheet">
<script src="js/vendor/modernizr-2.6.2-respond-1.1.0.min.js"></script>
<!-- Sweet Alert -->
<script src="dist/sweetalert-dev.js"></script>
<link rel="stylesheet" href="dist/sweetalert.css">
<!--.......................-->
</head>
<body style="background:#f3f3f3;">
<div id="wrapper">
<div id="login_content" class="animate form">
<section class="login_content">
<form method="post">
<h1>Purchase Data</h1>
<div class='alert alert-success'>
<strong>Hello </strong><?php echo $row['firstname'] ?>! //add more text here
</div>
<?php
if(isset($msg))
{
echo $msg;
}
?>
<input type="text" class="input-block-level" placeholder="500mb" name="purchasedata" required />
<input type="text" class="input-block-level" placeholder="Retype the bundle" name="cpurchasedata" required />
<hr />
<button class="btn btn-large btn-primary" type="submit" name="btn-update-data">Add data to my account</button>
<div class="clearfix"></div>
<div class="separator">
and here is the class_user.php
<?php
require_once 'dbconfig.php';
class USER
{
private $conn;
public function __construct()
{
$database = new Database();
$db = $database->dbConnection();
$this->conn = $db;
}
public function runQuery($sql)
{
$stmt = $this->conn->prepare($sql);
return $stmt;
}
public function lasdID()
{
$stmt = $this->conn->lastInsertId();
return $stmt;
}
public function register($uname,$email,$upass,$code,$purchasedata)
{
try
{
$password = md5($upass);
$stmt = $this->conn->prepare("INSERT INTO tbl_client_info(User_Name,billingemail,password,purchasedata,tokenCode)
VALUES(:User_Name, :billingemail, :password, :purchasedata, :active_code)");
$stmt->bindparam(":user_name",$uname);
$stmt->bindparam(":user_mail",$email);
$stmt->bindparam(":user_pass",$password);
$stmt->bindparam(":active_code",$code);
$stmt->bindparam(":purchasedata",$purchasedata);
$stmt->execute();
return $stmt;
}
catch(PDOException $ex)
{
echo $ex->getMessage();
}
}
public function login($email,$upass)
{
try
{
$stmt = $this->conn->prepare("SELECT * FROM tbl_client_info WHERE billingemail=:email_id");
$stmt->execute(array(":email_id"=>$email));
$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() == 1)
{
if($userRow['userStatus']=="Y")
{
if($userRow['password']==md5($upass))
{
$_SESSION['userSession'] = $userRow['UCODE'];
return true;
}
else
{
header("Location: index.php?error");
exit;
}
}
else
{
header("Location: index.php?inactive");
exit;
}
}
else
{
header("Location: index.php?error");
exit;
}
}
catch(PDOException $ex)
{
echo $ex->getMessage();
}
}
any help would really be appreciated
Look at your named placeholders:
(:User_Name, :billingemail, :password, :purchasedata, :active_code)
and
$stmt->bindparam(":user_name",$uname);
$stmt->bindparam(":user_mail",$email);
$stmt->bindparam(":user_pass",$password);
$stmt->bindparam(":active_code",$code);
$stmt->bindparam(":purchasedata",$purchasedata);
They don't match.
Each named placeholder must match and in lettercase.
Example:
:user_name and :User_Name are not the same.
so here:
(:user_name, :user_mail, :user_pass, :purchasedata, :active_code)
The manual is rather explicit on this:
http://php.net/manual/en/pdo.prepared-statements.php
and don't go live with this in using MD5, it's no longer safe.
Use password_hash():
http://php.net/manual/en/function.password-hash.php
Check for errors:
http://php.net/manual/en/pdo.error-handling.php
http://php.net/manual/en/function.error-reporting.php
and make sure your column names are correct and lettercase could be a factor.
I am working on a User's registration system. This is the URL called to activate a user's account:
http://../verify.php?id=40&code=fdc6604289e5a58fe1ab9dffa8e2f870
And this is the code for verify.php:
<?php
require_once 'class.user.php';
$user = new USER();
if(empty($_GET['id']) && empty($_GET['code']))
{
$user->redirect('index.php');
}
if(isset($_GET['id']) && isset($_GET['code']))
{
$id = $_GET['id'];
$code = $_GET['code'];
$statusY = "Y";
$statusN = "N";
$stmt = $user->runQuery("SELECT userID,userStatus FROM tbl_users WHERE userID=:uID AND tokenCode=:code LIMIT 1");
$stmt->execute(array(":uID"=>$id,":code"=>$code));
$row=$stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() > 0)
{
if($row['userStatus']==$statusN)
{
$stmt = $user->runQuery("UPDATE tbl_users SET userStatus=:status WHERE userID=:uID");
$stmt->bindparam(":status",$statusY);
$stmt->bindparam(":uID",$id);
$stmt->execute();
$msg = "
<div class='alert alert-success'>
<button class='close' data-dismiss='alert'>×</button>
<strong>WoW !</strong> Your Account is Now Activated : <a href='index.php'>Login here</a>
</div>
";
}
else
{
$msg = "
<div class='alert alert-error'>
<button class='close' data-dismiss='alert'>×</button>
<strong>sorry !</strong> Your Account is allready Activated : <a href='index.php'>Login here</a>
</div>
";
}
}
else
{
$msg = "
<div class='alert alert-error'>
<button class='close' data-dismiss='alert'>×</button>
<strong>sorry !</strong> No Account Found : <a href='signup.php'>Signup here</a>
</div>
";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Confirm Registration</title>
<!-- Bootstrap -->
<link href="bootstrap/css/bootstrap.min.css" rel="stylesheet" media="screen">
<link href="bootstrap/css/bootstrap-responsive.min.css" rel="stylesheet" media="screen">
<link href="assets/styles.css" rel="stylesheet" media="screen">
<!-- HTML5 shim, for IE6-8 support of HTML5 elements -->
<!--[if lt IE 9]>
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<script src="js/vendor/modernizr-2.6.2-respond-1.1.0.min.js"></script>
</head>
<body id="login">
<div class="container">
<?php if(isset($msg)) { echo $msg; }
?>
</div> <!-- /container -->
<script src="vendors/jquery-1.9.1.min.js"></script>
<script src="bootstrap/js/bootstrap.min.js"></script>
</body>
</html>
This is the record from the database:
The problem is that $_GET['id'] and $_GET['code'] are the correct values, but the page shows the option: NO ACCOUNT FOUND...
I am searching for the reason for hours, but no success.
Any help to find the source of the issue is welcome
I want to log the users IP when they login all I want it to do it update a column
I know $_SERVER['REMOTE_ADDR']; get their ip.
I want to log it on login on their username row in mysql.
Here's an image of my mysql table
https://gyazo.com/cf5b223df03d0da8a15bf61ed037d847
LoginCheck.php:
<?php
# Processes
function cleanString($con, $string) {
return mysqli_real_escape_string($con, stripcslashes($string));
}
# buttons use the request method
if (isset($_REQUEST['login'])) {
$username = strtolower(cleanString($con, $_POST['username']));
$password = cleanString($con, $_POST['password']);
$errors = array();
if (empty($username) || empty($password)) {
# If they left the shit blank like a jew
$errors[] = "Please make sure you entered a valid username and password";
}
$password = md5($password);
$db_check_username = mysqli_query($con, "SELECT username FROM users WHERE username='$username' OR email='$username'");
$db_check_userdata = mysqli_query($con, "SELECT username,password FROM users WHERE username='$username' AND password='$password' OR email='$username' AND password='$password'");
if (!$db_check_username || !$db_check_userdata) {
$errors[] = mysqli_error($con);
}
if (mysqli_num_rows($db_check_username) == 0) {
# If the username doesn't exist like a bitch
$errors[] = "No account could be found with that username.";
}
if (mysqli_num_rows($db_check_userdata) == 0) {
# If the Username and Password don't match
$errors[] = "Username and Password combination incorrect.";
}
if(empty($errors)) {
session_start();
$_SESSION['username'] = $username;
$success[] = "You have successfully logged in. Redirecting in a moment.";
echo '<meta http-equiv="refresh" content="5; url=index.php" />';
} else {
$danger = $errors;
}
}
?>
Login.php
<?php
# Include da files mate
include('includes/config.php');
include('includes/logincheck.php');
# Other Shit
//nothing yet
?>
<!DOCTYPE html>
<!--[if IE 8]> <html lang="en" class="ie8"> <![endif]-->
<!--[if !IE]><!-->
<html lang="en">
<!--<![endif]-->
<head>
<meta charset="utf-8" />
<title>Twisted Movies | Login Page</title>
<meta content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" name="viewport" />
<meta content="" name="description" />
<meta content="" name="author" />
<!-- ================== BEGIN BASE CSS STYLE ================== -->
<link href="http://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700" rel="stylesheet">
<link href="assets/plugins/jquery-ui/themes/base/minified/jquery-ui.min.css" rel="stylesheet" />
<link href="assets/plugins/bootstrap/css/bootstrap.min.css" rel="stylesheet" />
<link href="assets/plugins/font-awesome/css/font-awesome.min.css" rel="stylesheet" />
<link href="assets/css/animate.min.css" rel="stylesheet" />
<link href="assets/css/style.min.css" rel="stylesheet" />
<link href="assets/css/style-responsive.min.css" rel="stylesheet" />
<link href="assets/css/theme/red.css" rel="stylesheet" id="theme" />
<!-- ================== END BASE CSS STYLE ================== -->
<!-- ================== BEGIN BASE JS ================== -->
<script src="assets/plugins/pace/pace.min.js"></script>
<!-- ================== END BASE JS ================== -->
</head>
<body class="pace-top">
<!-- begin #page-loader -->
<div id="page-loader" class="fade in"><span class="spinner"></span></div>
<!-- end #page-loader -->
<div class="login-cover">
<div class="login-cover-image"><img src="assets/img/login-bg/bg-1.jpg" data-id="login-cover-image" alt="" /></div>
<div class="login-cover-bg"></div>
</div>
<!-- begin #page-container -->
<div id="page-container" class="fade">
<!-- begin login -->
<div class="login login-v2" data-pageload-addclass="animated fadeIn">
<!-- begin brand -->
<div class="login-header">
<div class="brand">
<span class="logo"></span> Twisted Movies
<small>Where the best movies are AD free!</small>
</div>
<div class="icon">
<i class="fa fa-sign-in"></i>
</div>
</div>
<!-- end brand -->
<div class="login-content">
<form action="" method="POST" class="margin-bottom-0">
<div class="text-center">
<?php
if (!empty($success)) {
foreach ($success as $value) {
echo '<div class="alert alert-success">';
echo $value.'<br>';
echo '</div>';
}
} elseif (!empty($danger)) {
foreach ($danger as $value) {
echo '<div class="alert alert-danger">';
echo $value.'<br>';
echo '</div>';
}
} elseif (!empty($warning)) {
foreach ($warning as $value) {
echo '<div class="alert alert-warning">';
echo $value.'<br>';
echo '</div>';
}
} elseif (!empty($info)) {
foreach ($info as $value) {
echo '<div class="alert alert-info">';
echo $value.'<br>';
echo '</div>';
}
} else {
echo '<div class="alert alert-info">';
echo "Please enter a username and password.";
echo '</div>';
}
?>
</div>
<div class="form-group m-b-20">
<input type="text" name="username" placeholder="Username" class="form-control input-lg"/>
</div>
<div class="form-group m-b-20">
<input type="password" name="password" placeholder="Password" class="form-control input-lg"/>
</div>
<div class="checkbox m-b-20">
<label>
<input type="checkbox" /> Remember Me
</label>
</div>
<div class="login-buttons">
<button type="submit" name="login" class="btn btn-success btn-block btn-lg">Sign me in</button>
</div>
<div class="m-t-20">
Not a member yet? Click here to register.
</div>
<center><?php include 'includes/footer.php'; ?></center>
</form>
</div>
</div>
<!-- end login -->
</div>
<!-- end page container -->
<!-- ================== BEGIN BASE JS ================== -->
<script src="assets/plugins/jquery/jquery-1.9.1.min.js"></script>
<script src="assets/plugins/jquery/jquery-migrate-1.1.0.min.js"></script>
<script src="assets/plugins/jquery-ui/ui/minified/jquery-ui.min.js"></script>
<script src="assets/plugins/bootstrap/js/bootstrap.min.js"></script>
<!--[if lt IE 9]>
<script src="assets/crossbrowserjs/html5shiv.js"></script>
<script src="assets/crossbrowserjs/respond.min.js"></script>
<script src="assets/crossbrowserjs/excanvas.min.js"></script>
<![endif]-->
<script src="assets/plugins/jquery-hashchange/jquery.hashchange.min.js"></script>
<script src="assets/plugins/slimscroll/jquery.slimscroll.min.js"></script>
<script src="assets/plugins/jquery-cookie/jquery.cookie.js"></script>
<!-- ================== END BASE JS ================== -->
<!-- ================== BEGIN PAGE LEVEL JS ================== -->
<script src="assets/js/login-v2.demo.min.js"></script>
<script src="assets/js/apps.min.js"></script>
<!-- ================== END PAGE LEVEL JS ================== -->
<script>
$(document).ready(function() {
App.init(ajax=true);
LoginV2.init();
});
</script>
</body>
</html>
Right after you have session_start():
$ip = $_SERVER['REMOTE_ADDR'];;
$stmt = $con->prepare("UPDATE users SET `IP`=? WHERE username=?");
$stmt->bind_param("ss", $ip, $username);
$stmt->execute();
Some tips:
Try to always use prepared statements when dealing with user data.
use a HTTP class to get the IP. The IP is not always in REMOTE_ADDR, especially if the site is behind a proxy such as Cloudflare