<?php
error_reporting(0);
$title='New Account'; /*This is a page that creates new account*/
include('header.php'); /*header file included*/
extract($_POST);
if(isset($r9)) /*$r9 is submit */
{
if(!empty($r1) && !empty($r2) && !empty($r3) && !empty($r4) && !empty($r5) && !empty($r6) && !empty($r7) && !empty($r8) )
{
if(is_dir("user/$r3")) //$r3 is the email the person is providing
{
echo "User already registered";
}
else
{
mkdir("user/$r3"); /*directory creation*/
file_put_contents("user/$r3/details.txt","$r1\n$r2\n$r4\n$r5\n$r6\n$r7\n$r8");
header("location:welcome.php"); /*the next page it must go after this*/
}
}
}
?>
This is my PHP code and it is not creating the directory. Please help me out.
Please turn on the error reporting to see the error messages, that will help you to solve this problem. Please check if your web server has permissions to creating a new directory. If your web server has the permissions already to write in the folder user then try to edit the following code:
mkdir("user/$r3");
to
mkdir("/THE_HOLE_URL_TO_THIS_FOLDER/user/$r3");
for example mkdir("/opt/lampp/htdocs/myhomespace/user/$r3");
Related
So on XAMPP on windows I have my site up and running. But when copying the exact same files to a linux host running apache2, I get:
ERR_TOO_MANY_REDIRECTS
This page isn’t working
172.168.1.3 redirected you too many times.
Try clearing your cookies.
The code is:
<?php
require_once('model/user.php');
session_start();
$view = new stdClass();
$view->pageTitle = 'Login';
$user = new User();
$user->checkCookie();
if(isset($_POST['submit'])) {
if(!isset($_POST['username'])) {
// no username error
} else if(!isset($_POST['password'])) {
// no password error
} else {
$user = new User();
if(isset($_POST['remember'])) {
if($user->login($_POST['username'], $_POST['password'], $_POST['remember']) == TRUE) {
header('Location: /cliserv/search.php');
}
} else {
if($user->login($_POST['username'], $_POST['password'], FALSE) == TRUE) {
header('Location: /cliserv/search.php');
}
}
}
}
if(isset($_SESSION['loggedIn'])) {
header('Location: /cliserv/search.php');
} else {
require_once('view/login.php');
}
I've found that the issue is in the "model/user.php" file. If I comment out the 'require_once()' statements at the top of that file:
if (!class_exists('Campsite')) {
require_once('campsite.php');
}
if (!class_exists('DB')) {
require_once('database.php');
}
if (!class_exists('SearchData')) {
require_once('searchData.php');
}
the site doesn't have the redirect error - but obviously the site then doesn't function, as the classes haven't been loaded. Any ideas?
I think, It's about your session_start & working with sessions.
You must change file type to UTF-8 without BOM. That should be work.
You can enable display errors & then replace your header('Location: '); to exit();
to see have any error or not !
If have any error about unable to start_session(); just need to change file type to UTF-8 without BOM.
You must do it for all included files.
I would like to to have a wordpress website for authorized users only. I was thinking to add custom php code to my theme's header file that checks if a specific user is authorized to access the page and if not users are redirected to a custom login page. I am also thinking of adding a new table to my database for user information. Is there a plugin that does that for me? I couldn't find any.
Apply basic authentication to the site's folder where the wordpress site is.
Create a .htaccess file in the folder like this (but using your own path and username):
AuthUserFile /home/YOURACCOUNT/public_html/wordpress/.htpasswd
AuthGroupFile /dev/null
AuthName "Authentication"
AuthType Basic
<LIMIT POST GET>
require valid-user YOURUSERNAME
</LIMIT>
Then create a .htpasswd file like this:
YOURUSERNAME:YOURPASSWORD_AS_MD5_ENCRYPTION
To convert your password to MD5 encryption go here:
http://hash.online-convert.com/apache-htpasswd
Well, with some nasty hacking I was able to work it out.
In my theme's header.php file I added the following lines of code to the top:
if(session_id() == '') {
session_start();
}
if (!$_SESSION['authenticated']) {
header('Location: '.get_site_url().'/login.php');
}
I created a custom login.php file in my project's root folder containing a simple login form, posting its data to another custom file "webservice.php" with the following lines of code:
//webservice.php
<?php
if(session_id() == '') {
session_start();
}
$username = $_POST['username'] ? $_POST['username'] : '';
$password = $_POST['password'] ? $_POST['password'] : '';
if ($password && $username) {
$response = file_get_contents("http://example.com/api/Accounts?username=".$username."&password=".$password);
$json = json_decode($response);
if ($json->{'Status'} == "Success") {
$_SESSION['authenticated'] = true;
echo "<META http-equiv=\"refresh\" content=\"0;URL=http://example.com/\">";
}
else {
$_SESSION['authenticated'] = false;
echo "<META http-equiv=\"refresh\" content=\"0;URL=http://example.com/login.php?incorrect=yes\">";
}
}
else {
echo "<META http-equiv=\"refresh\" content=\"0;URL=http://example.com/\">";
}
Yet, in another custom file(logout.php) I only unset my session variable:
<?php
if(session_id() == '') {
session_start();
}
if ($_SESSION['authenticated']) {
$_SESSION['authenticated'] = false;
echo "<META http-equiv=\"refresh\" content=\"0;URL=http://example.com/\">";
}
?>
I would love to know my solution's disadvantages...
Based on your additional comments try a plugin with wordpress to make the work easy on you.
https://wordpress.org/plugins/tags/user-registration
I wanted to be able to catch the error in session creation in PHP. My primary target is to be able to know which causes the problem. Is it because we don't have wrtie access to the folder where the session is written or because we don't have free disk space already.
So of course we will start with this.
session_start();
and from this post Check if session is set or not, and if not create one? I did try to add
if(session_id() == '')
{
// session has NOT been started
session_start();
echo "Session is started";
}
else
{
// session has been started
}
And to test this I have remove writing permissions for the group and others in /tmp/ by using this command
chmod 755 tmp/
But base on my test I still see that the session is started. And the funny thing is I can login but when I try to logout I can't.
Any insights on how to properly get the reason on session creation error would be greatly appreaciated. Thanks!
EDIT:
I have tried Frederik's suggestion and done this.
try{
// Start session
session_start();
echo "Session started. " . session_id();
}catch(Exception $e){
echo "Session not started. " . $e->getMessage();
}
But I still see this
Session started. fa505cbf4b232773669008495fd08b9f
even if I have remove write permission to /tmp already. It seems that the try catch was not able to properly catch the problem.
You might want to try the is_writable function.
Something like:
<?php
$dirname = '/tmp';
if (is_writable($dirname)) {
echo 'The folder is writable';
} else {
echo 'The folder is not writable';
}
?>
You can use it with files or folders.
More information: http://id1.php.net/is_writable
With Frederik's suggestion to check if the /tmp do have write permission I was able to decide to just check for write permission and disk space before checking for username and password. So I wrote this code
if (is_writable(session_save_path())){
if ( $diskfree is <= 0){
// check for authentication here
}else{
header("Location: login.php?error=true&nodisk=true");
return;
}
}else {
header("Location: login.php?error=true&nowrite=true");
return;
}
and then in login.php I have this to catch the error code.
// If we have an error show error message
if ( isset($_GET["error"]) && $_GET["error"] ) {
//If not enough disk space show disk space message
if( isset($_GET["nodisk"]) && $_GET["nodisk"] ){
alert("disk free problem");
}
//If we don't have permission to session save path show session creation error
if( isset($_GET["nowrite"]) && $_GET["nowrite"] ){
alert("write permission error");
}
Hello I'm trying to create a directory in the users/ folder. When the user registers a vpb_save_details.php is being opened. And mkdir is ran to create a user with the username as directory name.
The user is being registered as normal but the problem that no directory is created, not even the /user directory.
If i run this code:
<?php
mkdir("blah", 0777);
?>
The directory bla is created, but if I run my code vpb_save_details.php, nothing happens.
This is a part of the code:
//If the user is validated and every thing is alright, then save the user details and display success message to the user
//otherwise, display error message to the user
if ($vpb_error == '')
{
//Encrypt user information with Base64 before saving them to a file
if(fwrite($vpb_database, "\r\n".base64_encode($fullname)."::::::::::".base64_encode($username)."::::::::::".base64_encode($email)."::::::::::".base64_encode($encrypted_user_password).""))
{
echo '<font style="font-size:0px;">completed</font>';
echo '<div class="info">Congrats <b>'.$fullname.'</b>, you have registered successful. <br>You may now click on the login button to log into your account.<br>Thanks.</div>';
//
// HERE! I create a folder in the users directory with the variable $username as username
//
$newUserName = $username;
$userPath = "users/".$newUserName;
mkdir("$userPath", 0777);
//copy("index.php",$userPath/index.php);
}
else
{
echo '<div class="info">Sorry, your account creation was unsuccessful, please try again (1).</div>';
}
}
else
{
echo $vpb_error;
}
fclose($vpb_database);
I have absolutely no idea what the problem could be? the code:
$newUserName = $username;
$userPath = "users/".$newUserName;
mkdir("$userPath", 0777);
Should work just fine, or am I missing a small detail?
Remove the quotes.
mkdir($userPath, 0777);
I would to redirect to the next page after the form is completed and the submit button is pressed. This code works well on a windows server, but it fails to redirect to the next page on a linux server
<?php
include 'scripts/functions/init.php';
Restrict();
?>
<?php
$userid = $_SESSION['userid'];
if (empty($_POST)=== false)
{
$R_fields = array('OFO_Code','OFO_Title','Curr_Code','Curr_Title');
foreach($_POST as $key=>$value)
{
if (empty($value) && in_array($key,$R_fields)=== true)
{
$errors[] = 'fields marked with (*) are required';
break 1;
}
}
$_SESSION['Combo'] = $_SESSION['OFO_Code'].$_SESSION['Curr_Code'];
if(empty($errors)=== true)
{
if(Curr_Code_exists($_SESSION['Combo']))
{
$errors[] = 'Sorry, the Curriculum Code already exist, please use the edit function';
}
if(strlen('Curr_Code')<6)
{
$errors[] ='Curriculum Code must be at least 6 Characters';
}
}
}
?>
the above code appears just before the html, followed by the form. then just after the submit button follows the following and it also lies within the within
<?php
$_SESSION['OFO_Code'] = $_POST['OFO_Code'];
$_SESSION['Curr_Code'] = $_POST['Curr_Code'];
if(empty($_POST) === false && empty($errors)=== true)
{
//Capture data from the fields to an array
$Capture_Occupation_info = array(
'OFO_Code' => $_SESSION['OFO_Code'],
'OFO_Title'=>$_POST['OFO_Title'],
'Curr_Code'=>$_SESSION['Combo'],
'Curr_Title'=>$_POST['Curr_Title'],
'userid'=>$userid);
//Submit the data into the database
capture_occupation_info($Capture_Occupation_info);
header('Location:Capture_Menu.php');
exit();
}
else
{
//Display errors
echo output($errors);
}
?>
This is a complete shot in the dark, but might be right on. Windows is not case sensative, but NIX is.
Capture_Menu.php
Is that exactly how it is capitalized on your UNIX box?
Also, you can not display or echo to the browser before doing a header redirect. Please check for echos or even lose blank spaces after things like ?>
I have had redirections not work before because my code printed something to the output that I didn't do on purpose.
You can try this...
error_reporting(E_ALL);
ini_set('display_errors', 'On');