i am creating a user accounts system for my website however when i use the include 'core/init.php'; function i get the error. This could be something really simple as I am a beginner and just learning.
Fatal error: Cannot redeclare user_data() (previously declared in C:\xampp\htdocs\PatchMyPC\core\functions\users.php:3) in C:\xampp\htdocs\PatchMyPC\core\functions\users.php on line 17
here is the code for my users.php & init.php files
init.php
<?php
session_start();
//error_reporting(0);
require 'database/connect.php';
require 'functions/users.php';
require 'functions/general.php';
if (logged_in() === true) {
$session_user_id = $_SESSION['user_id'];
$user_data = user_data($session_user_id, 'user_id', 'username', 'password', 'first_name', 'last_name', 'email');
if (user_active($user_data['username']) === false) {
session_destroy();
header('Location: index.php');
exit();
}
}
$errors = array();
?>
users.php
<?php
function user_data($user_id) {
$data = array();
$user_id = (int)$user_id;
$func_num_args = func_num_args();
$func_get_args = func_get_args();
if ($func_num_args > 1) {
unset($func_get_args[0]);
$fields = '`' . implode('`, `', $func_get_args) . '`';
$data = mysql_fetch_assoc(mysql_query("SELECT $fields FROM `users` WHERE `user_id` = $user_id"));
return $data;
}
}
function logged_in() {
return (isset($_SESSION['user_id'])) ? true : false;
}
function user_exists($username) {
$username = sanitize($username);
return (mysql_result($query = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username'"), 0) == 1) ? true : false;
}
function user_active($username) {
$username = sanitize($username);
return (mysql_result($query = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `active` = 1"), 0) == 1) ? true : false;
}
function user_id_from_username($username) {
$username = sanitize($username);
return mysql_result(mysql_query("SELECT `user_id` FROM `users` WHERE `username` = '$username'"), 0, 'user_id');
}
function login($username, $password) {
$user_id = user_id_from_username($username);
$username = sanitize($username);
$password = md5($password);
return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `password` = '$password'"), 0) ==1) ? $user_id : false;
}
?>
Probably you require users.php twice.
use:
require_once('users.php');
in all your files to overcome this problem.
Related
I'm getting error:
Undefined variable: user_data in loggedin.php
My register page is fine it register successfully users.When i log in it displays me all the information but not the user_data.If somebody can write me where is my fault.My
init.php
<?php
session_start();
error_reporting(0);
require 'database/connect.php';
require 'functions/general.php';
require 'functions/users.php';
$_SESSION['user_id'] = (int)1;
if(logged_in() === false) {
$session_user_id = $_SESSION['user_id'];
$user_data = user_data($session_user_id, 'user_id', 'username', 'password', 'first_name', 'last_name', 'email', 'profile', 'textarea', 'writingname', 'writing');
echo $user_data['password'];
if(user_active($user_data['username']) === false) {
session_destroy();
header('Location: index2.php');
exit();
}
}
$errors = array() ;
?>
users.php :
function user_data($user_id) {
$data = array();
$user_id = (int)$user_id;
$func_num_args = func_num_args();
$func_get_args = func_get_args();
if ($func_num_args > 1) {
unset($func_get_args[0]);
$fields = '`' . implode ('`, `', $func_get_args) . '`';
$data = mysql_fetch_assoc(mysql_query("SELECT $fields FROM `users` WHERE `user_id` = $user_id"));
return $data;
}
}
function logged_in() {
return (isset($_SESSION['user_id'])) ? true : false;
}
function user_exists($username) {
$username = sanitize($username);
return (mysql_result( mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` ='$username' "), 0) == 1) ? true : false;
}
And my
loggedin.php :
<div class="widget">
<h2 onClick="document.location.href='index2.php'">Hello<?php echo $user_data['first_name']; ?> ! </h2>
<div class="inner">
did you pass your $user_data from init.php to loggedin.php???
$user_data is not a session, so you can't just make $user_data in init.php and echo it in loggedin.php...
CMIIW
var_dump might help you tho'
change you init.php code to this one below.
<?php
session_start();
error_reporting(0);
require 'database/connect.php';
require 'functions/general.php';
require 'functions/users.php';
$_SESSION['user_id'] = (int)1;
if(logged_in() === false) {
$session_user_id = $_SESSION['user_id'];
$user_data = user_data($session_user_id);// just send user id here stored in session.
echo $user_data['password'];
if(user_active($user_data['username']) === false) {
session_destroy();
header('Location: index2.php');
exit();
}
}
$errors = array() ;
?>
I am trying to fill a varialble $login with the users user_id so I can use sessions, however the query does not return the user_id to fill the $login with.
users.php
<?php
function user_exists($username, $con) {
$data = $username;
$username = sanitize($data, $con);
$username = $data;
mysqli_query($con, "SELECT `user_id` FROM `users` WHERE `username` = '$username'");
return(mysqli_affected_rows($con) == 1) ? true : false;
}
function user_active($username, $con) {
$data = $username;
$username = sanitize($data, $con);
$username = $data;
mysqli_query($con, "SELECT `user_id` FROM `users` WHERE `username` = '$username' AND `active` = 1");
return(mysqli_affected_rows($con) == 1) ? true : false;
}
function user_id_from_username ($username, $con) {
$data = $username;
$username = sanitize($data, $con);
$username = $data;
mysqli_query($con, "SELECT `user_id` FROM `users` WHERE `username` = '$username'");
return mysqli_affected_rows($con) ? 0 : 'user_id';
}
function login($username, $password, $con) {
$user_id = user_id_from_username($username, $con);
$data = $username;
$username = sanitize($data, $con);
$username = $data;
$password = md5($password);
mysqli_query($con, "SELECT `user_id` FROM `users` WHERE `username` = '$username' AND `password` = '$password'");
return (mysqli_affected_rows($con) == 1) ? $user_id : false;
}
?>
login.php
<?php
include 'core/init.php';
if (empty($_POST) === false) {
$username = $_POST['username'];
$password = $_POST['password'];
if (empty($username) === true || empty($password) === true) {
$errors[] = 'You need to enter a username and password';
} else if (user_exists($username, $con) === false) {
$errors[] = 'We can\'t find that username. Have you registered?';
} else if (user_active($username, $con) === false) {
$errors[] = 'You have not activated your account. Please see the instructions.';
} else {
$login = login($username, $password, $con);
if ($login === false) {
$errors [] = 'That username and password combination is incorrect;';
} else {
echo 'hi';
die($login);
$_SESSION['user_id'] = $login;
}
}
print_r($errors);
}
?>
Init.php
<?php
session_start();
//error_reporting(0);
require 'database/connect.php';
require 'functions/users.php';
require 'functions/general.php';
$errors = array();
?>
When you get your userid you are returning the wrong value:
function user_id_from_username ($username, $con) {
$data = $username;
$username = sanitize($data, $con);
$username = $data;
mysqli_query($con, "SELECT `user_id` FROM `users` WHERE `username` = '$username'");
return mysqli_affected_rows($con) ? 0 : 'user_id';
}
This function will return a 0 (if affected_rows is not 0) or the string 'user_id' (if affected rows is 0). First off I think the logic is probably reversed (0 vs non-zero) and secondly I think you really want to return an actual user_id instead of just the string 'user_id'.
Then in your login function:
function login($username, $password, $con) {
$user_id = user_id_from_username($username, $con);
$data = $username;
$username = sanitize($data, $con);
$username = $data;
$password = md5($password);
mysqli_query($con, "SELECT `user_id` FROM `users` WHERE `username` = '$username' AND `password` = '$password'");
return (mysqli_affected_rows($con) == 1) ? $user_id : false;
}
You get this 0 or 'user_id' (string) into $user_id and then ignore it until the very end when you return either that value or a false. Since the logic was reversed on the return value of the previous function, then on a successful login your $user_id contains the 0 (which is boolean false in PHP) and so this function is returning either a 0 or a false from login - both of them are false so login() is returning false. But specifically in the case of a good login you are returning a 0 which then isn't going to look like a valid ID to put into your session and, if you get it there, isn't going to compare well because of the whole situation of zero being evaluated to boolean false.
Well, basically I am working on a register and login tutorial on youtube. Which is using the old version of PHP, and I have attempted to update the code, however I get this error:
Parse error: syntax error, unexpected ',' in C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\data\localweb\projects\Forum\forum\core\functions\users.php on line 23
users.php
<?php
function user_exists($username, $con) {
$data = $username;
$username = sanitize($data, $con);
$username = $data;
mysqli_query($con, "SELECT `user_id` FROM `users` WHERE `username` = '$username'");
return(mysqli_affected_rows($con) == 1) ? true : false;
}
function user_active($username, $con) {
$data = $username;
$username = sanitize($data, $con);
$username = $data;
mysqli_query($con, "SELECT `user_id` FROM `users` WHERE `username` = '$username' AND `active` = 1");
return(mysqli_affected_rows($con) == 1) ? true : false;
}
function user_id_from_username ($username, $con) {
$data = $username;
$username = sanitize($data, $con);
$username = $data;
mysqli_query($con, "SELECT `user_id` FROM `users` WHERE `username` = '$username'");
return mysqli_affected_rows($con), 0, 'user_id';
}
function login($username, $password, $con) {
$user_id = user_id_from_username($username, $con);
$data = $username;
$username = sanitize($data, $con);
$username = $data;
$password = md5($password);
return (mysqli_affected_rows(mysqli_query($con, "SELECT `user_id` FROM `users` WHERE `username` = '$username' AND `password` = '$password'"), 0) == 1) ? $user_id : false;
}
?>
Line 23 is this one: return mysqli_affected_rows($con), 0, 'user_id';
Must be: return mysqli_affected_rows($con) ? 0 : 'user_id'; if this what you meant.
Cannot return multiple values in PHP.
So I have created a function:
function user_data($user_id) {
$data = array();
$user_id = (int)$unser_id;
$func_num_args = func_num_args();
$func_get_args = func_get_args();
if ($func_num_args > 1){
unset($func_get_args[0]);
$fields = '`' . implode('`, `', $func_get_args) . '`';
$data = mysql_fetch_assoc(mysql_query("SELECT $fields FROM `users` WHERE 'user_id' = $user_id"));
return $data;
}
}
By mistake I crated a typo unser_id but didnt relise up until I had to troubleshoot further along the line in my code.
I am creating a login script but the point in which I am having to troubleshoot is showing profile data from my other users.
The reason I point out the typo part is because it for some reason is a strange error. If I change it to user_id it will not allow me to login anymore. If I leave it as under_id it works.
I am having to troubleshoot because I believe this is the cause of the problem I am having trying to view other users profiles and showing their information and not mine which is happening right now.
For example, in my url www.mywebsite.com/myprofile shows my username and my email address, if I type in www.mywebsite.com/otherprofile it still shows my information. But it does show a query if I type a user that does not exist in my database so that part works.
I believe the issue all stems form this typo but am really stuck as to appraoch a resolve?
So here is the other code:
profile page:
if (isset($_GET['username']) === true && empty ($_GET['username']) === false) {
$username = $_GET['username'];
if (user_exists($username) === true) {
$user_id = user_id_from_username($username);
$profile_data = user_data($user_id, 'first_name', 'last_name', 'email');
?>
<p><?php echo $profile_data['profile']; ?></p>
<h1><?php echo $profile_data['first_name']; ?> profile</h1>
<p><?php echo $profile_data['email'] ?></p>
<?php
} else {
echo 'Sorry, that user does not exist';
}
} else {
header('Location: index.php');
exit();
}
Here all the related functions:
function logged_in(){
return (isset($_SESSION['user_id'])) ? true : false;
}
function user_exists($username) {
$username = sanitize($username);
$query = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username'");
return (mysql_result($query, 0) == 1) ? true : false;
}
function email_exists($email) {
$email = sanitize($email);
$query = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email'");
return (mysql_result($query, 0) == 1) ? true : false;
}
function user_active($username) {
$username = sanitize($username);
$query = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `active` = 1");
return (mysql_result($query, 0) == 1) ? true : false;
}
function user_id_from_username($username) {
$username = sanitize($username);
return mysql_result(mysql_query("SELECT `user_id` FROM `users` WHERE `username` = '$username'"), 0, 'user_id');
}
function login($username, $password) {
$user_id = user_id_from_username($username);
$username = sanitize($username);
$password = md5($password);
return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `password` = '$password' "), 0) == 1) ? $user_id : false;
}
The problem in your first function is that you are quoting your column name with single quotes:
$data = mysql_fetch_assoc(mysql_query("SELECT $fields FROM `users` WHERE 'user_id' = $user_id"));
^ ^
That means that you are not actually using the column user_id but a string.
You should change that to:
$data = mysql_fetch_assoc(mysql_query("SELECT $fields FROM `users` WHERE `user_id` = $user_id"));
(or without the backticks...).
Apart from that you are using the deprecated mysql_* functions and you don't have any error handling. You should switch to PDO or mysqli using prepared statements and make sure it throws exceptions (both can) so that you know exactly what goes wrong.
You are replacing the argument $user_id passed to user_data by $unser_id:
$user_id = (int)$unser_id;
This way, the value of $user_id will always be whatever is stored in $unser_id, not what is passed to the function. You should try removing the line, so the code actually uses the user id you are passing it.
If you do not have any variable called $unser_id you should check the PHP error logs. I suspect there will be lines saying something like Undefined variable: unser_id.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 9 years ago.
Improve this question
I can't find the missing curly brace, but I am getting this message "Parse error: syntax error, unexpected $end in /site/public_html/core/functions/users.php on line 75"
For the following code..
<?php
function activate($email, $email_code) {
$email = mysql_real_escape_string($email);
$email_code = mysql_real_escape_string($email_code);
if (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email' AND `email_code` = '$email_code' AND `active` = 0"), 0) == 1) {
mysql_query("UPDATE `users` SET `active` = 1 WHERE `email` = '$email'");
return true;
}
else {
return false;
}
function change_password ($user_id, $password) {
$user_id = (int)$user_id;
$password = md5($password);
mysql_query("UPDATE `users` SET `password` = '$password' WHERE `user_id` = $user_id");
}
function register_user($register_data) {
array_walk($register_data, 'array_sanitize');
$register_data['password'] = md5($register_data['password']);
$fields = '`' . implode('`, `', array_keys($register_data)) . '`';
$data = '\'' . implode('\', \'', $register_data) . '\'';
mysql_query("INSERT INTO `users` ($fields) VALUES ($data)");
email($register_data['email'], 'Activate your account', "
Hello " . $register_data['username'] . ", \n\n You need to activate your account, so use the link below: \n\nhttp://www.mysite.com/activate.php?email=" . $register_data['email'] . "&email_code=" . $register_data['email_code'] . "\n\n~Admin~ ");
}
function user_count() {
return mysql_result(mysql_query("SELECT COUNT('user_id') FROM `users` WHERE `active` = 1"), 0);
}
function user_data($user_id) {
$data = array();
$user_id = (int)$user_id;
$func_num_args = func_num_args();
$func_get_args = func_get_args();
if ($func_num_args > 1) {
unset($func_get_args[0]);
$fields = '`' . implode('`, `', $func_get_args) . '`';
$data = mysql_fetch_assoc(mysql_query("SELECT $fields FROM `users` WHERE `user_id` = $user_id"));
return $data;
}
}
function logged_in() {
return (isset($_SESSION['user_id'])) ? true : false;
}
function user_exists($username) {
$username = sanitize($username);
return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username'"), 0) == 1) ? true : false;
}
function email_exists($email) {
$email = sanitize($email);
return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email'"), 0) == 1) ? true : false;
}
function user_active($username) {
$username = sanitize($username);
return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `active` =1"), 0) ==1) ? true : false;
}
function user_id_from_username ($username) {
$username = sanitize($username);
return (mysql_result(mysql_query("SELECT `user_id` FROM `users` WHERE `username` = '$username'"), 0, 'user_id'));
}
function login ($username, $password) {
$user_id = user_id_from_username($username);
$username = sanitize($username);
$password = md5($password);
return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `password` = '$password'"), 0) == 1) ? $user_id : false;
}
?>
Thanks for any help.
It looks like your activate() function is missing its closing bracket }.
function activate($email, $email_code) {
$email = mysql_real_escape_string($email);
$email_code = mysql_real_escape_string($email_code);
if (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email' AND `email_code` = '$email_code' AND `active` = 0"), 0) == 1) {
mysql_query("UPDATE `users` SET `active` = 1 WHERE `email` = '$email'");
return true;
} else {
return false;
}
} /* MISSING BRACKET */
function change_password ($user_id, $password) {
...
Your first function is missing a closing brace }:
function activate($email, $email_code) {
$email = mysql_real_escape_string($email);
$email_code = mysql_real_escape_string($email_code);
if (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email' AND `email_code` = '$email_code' AND `active` = 0"), 0) == 1) {
mysql_query("UPDATE `users` SET `active` = 1 WHERE `email` = '$email'");
return true;
} else {
return false;
}
Also, indentation would help find problems like this easier (and an IDE that matches your braces)
You're not closing your first function, so just add } at the end
function activate($email, $email_code) {
$email = mysql_real_escape_string($email);
$email_code = mysql_real_escape_string($email_code);
if (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email' AND `email_code` = '$email_code' AND `active` = 0"), 0) == 1) {
mysql_query("UPDATE `users` SET `active` = 1 WHERE `email` = '$email'");
return true;
} else {
return false;
}
}
oh, and by the way stop using the regular PHP mysql_* functions. They will be deprecated as of PHP 5.5, so take a look at mysqli or PDO
I think the 1st function "activate" is not closing, add } after the else closing.
function activate($email, $email_code) {
$email = mysql_real_escape_string($email);
$email_code = mysql_real_escape_string($email_code);
if (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email' AND `email_code` = '$email_code' AND `active` = 0"), 0) == 1) {
mysql_query("UPDATE `users` SET `active` = 1 WHERE `email` = '$email'");
return true;
} else {
return false;
}
}
^
here
you missed }
it should be
function activate($email, $email_code) {
$email = mysql_real_escape_string($email);
$email_code = mysql_real_escape_string($email_code);
if (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email' AND `email_code` = '$email_code' AND `active` = 0"), 0) == 1) {
mysql_query("UPDATE `users` SET `active` = 1 WHERE `email` = '$email'");
return true;
} else {
return false;
}
} <---missing bracket here