get names of online users - php

as i have mentioned at my earlier post, we are creating a chat for a specific website. Now this chat would have to retrieve the names of the users online and would automatically update once one user would log out of the chat. we were able to create this with the use of PHP alone and right now we are trying to use jquery to avoid often refreshing.so far, this is what we have:
<?php
session_start(); //Configuation
?>
<link rel="stylesheet" type="text/css" href="http://www.pinoyarea.com/videochat/css/winterblues.css">
<?php
$name = $_SESSION['username'];
$room = $_SESSION['room'];
$user = $_SESSION['user'];
if($name == NULL || $room == NULL || $user = NULL)
{
echo "<script>window.location = 'http://www.pinoyarea.com/index.php?p=member/signup';</script>";
}
include "connect.php";
$timeoutseconds = 60; // length of session, 20 minutes is the standard
$timeoutseconds_idle = 30;
$timestamp=time();
$timeout=$timestamp-$timeoutseconds;
$timeout_idle=$timestamp-$timeoutseconds_idle;
$PHP_SELF = $_SERVER['PHP_SELF'];
if (!empty($_SERVER["HTTP_CLIENT_IP"]))
{
//check for ip from share internet
$ip = $_SERVER["HTTP_CLIENT_IP"];
}
elseif (!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))
{
// Check for the Proxy User
$ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
}
else
{
$ip = $_SERVER["REMOTE_ADDR"];
}
$temp = #mysql_query("SELECT * FROM useronline WHERE online_name='$name' AND online_user='$user' AND online_room='$room'");
$rowie = #mysql_num_rows($temp);
// Add this user to database
$loopcap = 0;
while ($loopcap<3){
if($rowie == 0 AND $name != NULL)
{
#mysql_query("insert into useronline values('$timestamp','$ip','$PHP_SELF','$name','$room','$user')");
}
else
{
} // in case of collision
$timestamp = $timestamp+$ip{0}; $loopcap++;
}
// Delete users that have been online for more then "$timeoutseconds" seconds
mysql_query("delete from useronline where timestamp<$timeout");
//Modified
// Select users online
$result = #mysql_query("select distinct online_name from useronline");
$result2 = #mysql_query("SELECT distinct online_name FROM useronline WHERE online_room='$room'");
$user_count = #mysql_num_rows($result2);
mysql_free_result($result);
#mysql_close();
// Show all users online
echo '<table name="tableonline" width="180px">';
if ($user_count==1)
{
echo '<tr><th>';
echo '<font size="1px" style="font-family:arial;"><strong>'.$user_count.' Toozer Online</th></tr>';
}
else
{
echo '<tr><th>'.$user_count.' Toozers Online</strong></font></th></tr></table>';
}
echo "</table><br /><table width='180px'>";
while($cell = mysql_fetch_array($result2))
{
$timestamping = $cell["timestamp"];
if($timestamping >= $timeout_idle && $timestamping < $timeout)
{
$src = "http://www.pinoyarea.com/images/videochat/user-offline.png";
}
else
{
$src = "http://www.pinoyarea.com/images/videochat/user-online.png";
}
echo '<tr><td><img src="'.$src.'"/><font size="1px" style="text-decoration:none;font-family:tahoma;"></td><td>'.$cell["online_name"].'</font>';
echo '<br /></td></tr>';
}
echo '<table>';
?>
<script type="text/javascript" src="http://code.jquery.com/jquery-1.4.2.min.js"> </script>
<script>
$(document).ready(function() {
$("#tableonline").load("online_users.php");
var refreshId = setInterval(function() {
$("#tableonline").load('online_users.php?randval='+ Math.random());}, 3000);
});
</script>
//<META HTTP-EQUIV="Refresh" CONTENT="10">

You have to put a boolean value for the user in the DB (in the user table). when he get's login ie when he enter's to his profile page the BOOL value should be changed to 1 and when he get logout change the vlaue to 0.

Related

PHP: session_start() doesn't work on Server, but on localhost?

I searched now for hours but couldn't find any solution. I hope you can help me.
I created a website and tested it with xampp and eververthing works well, but now I uploaded it on a server and I could realize that the session_start() does not work.
This is the code of my index.php:
<?php
session_start();
echo session_status()."<br>";
echo "SessionID: ".session_id();
error_reporting(E_ALL & ~E_NOTICE);
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="stylesheet.css" media="screen" />
<meta charset="UTF-8" />
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<script>
$(document).ready(function(){
// Add smooth scrolling to all links
$("a").on('click', function(event) {
// Make sure this.hash has a value before overriding default behavior
if (this.hash !== "") {
// Prevent default anchor click behavior
event.preventDefault();
// Store hash
var hash = this.hash;
// Using jQuery's animate() method to add smooth page scroll
// The optional number (800) specifies the number of milliseconds it takes to scroll to the specified area
$('html, body').animate({
scrollTop: $(hash).offset().top
}, 800, function(){
// Add hash (#) to URL when done scrolling (default click behavior)
window.location.hash = hash;
});
} // End if
});
$(".loginField").click(function() {
$(".loginDetails").toggle("slow");
});
$(".profilName").click(function() {
$(".profilMenu").toggle("slow");
});
$("#middleLoginButton").click(function() {
$(".middleLoginForm").toggle("slow");
});
});
</script>
</head>
<body>
<!-- getting UserData, if available -->
<?php
//delete Session Data, if logout
if (isset($_GET['logout']) && $_GET['logout'] == 1) {
echo "SessionID Logout:".session_id();
session_destroy();
//header("Location:https://www.whocando.eu");
}
function autoload ($className) {
if (file_exists('classes/'.$className.'.php')) {
require 'classes/'.$className.'.php';
}
}
spl_autoload_register("autoload");
if ($_GET['falsePassword'] == 1) {
$falsePassword = 1;
}
if ((empty($_POST['userName']) || empty($_POST['password'])) && empty($_POST['registration'])) {
// after Login Check!
} elseif (isset($_POST['userName']) && isset($_POST['password']) && !isset($_POST['registration'])) {
$loginCheck = new loginParser();
$userID = $loginCheck->loginChecker($_POST['userName'],$_POST['password']);
$_SESSION['userID'] = $userID;
$abfrage = new dbQuery("SELECT ID,name, firstName FROM db764570417.userdata WHERE ID = $userID");
$userName = $abfrage->fetchData('ID','name');
$userFirstName = $abfrage->fetchData('ID','firstName');
// already logged in Check!
} elseif (isset($_SESSION['userID'])) {
$userID = $_SESSION['userID'];
$abfrage = new dbQuery("SELECT ID,name, firstName FROM db764570417.userdata WHERE ID = $userID");
$userName = $abfrage->fetchData('ID','name');
$userFirstName = $abfrage->fetchData('ID','firstName');
// after Registration Check!
} elseif (isset($_POST['registration'])) {
$name = $_POST['name'];
$vorName = $_POST['vorname'];
$email = $_POST['email'];
$uni = $_POST['uni'];
$geburtstag = $_POST['gebDatum'];
$password = $_POST['passwort'];
$confirmedPassword = $_POST['confirmPasswort'];
$gebDatum = date("Y-m-d",strtotime($geburtstag));
$abfrageEmail = new dbQuery("SELECT ID,email FROM db764570417.logindata");
$userEmails = $abfrageEmail->fetchData('ID','email');
if ($password != $confirmedPassword) {
header("Location:https://www.whocando.eu/registration.php?fault=passwordNotMatched&name=".$name."&vorname=".$vorName."&email=".$email."&uni=".$uni."&gebDatum=".$geburtstag);
} elseif (in_array($email,$userEmails)) {
header("Location:https://www.whocando.eu/registration.php?fault=emailAlreadyUses&name=".$name."&vorname=".$vorName."&email=".$email."&uni=".$uni."&gebDatum=".$geburtstag);
} elseif (empty($name)) {
header("Location:https://www.whocando.eu/registration.php?fault=nameMissing&name=".$name."&vorname=".$vorName."&email=".$email."&uni=".$uni."&gebDatum=".$geburtstag);
}elseif (empty($vorName)) {
header("Location:https://www.whocando.eu/registration.php?fault=vorNameMissing&name=".$name."&vorname=".$vorName."&email=".$email."&uni=".$uni."&gebDatum=".$geburtstag);
} elseif (empty($email)) {
header("Locationhttps://www.whocando.eu/:registration.php?fault=emailMissing&name=".$name."&vorname=".$vorName."&email=".$email."&uni=".$uni."&gebDatum=".$geburtstag);
} elseif (empty($uni)) {
header("Location:https://www.whocando.eu/registration.php?fault=uniMissing&name=".$name."&vorname=".$vorName."&email=".$email."&uni=".$uni."&gebDatum=".$geburtstag);
}elseif (empty($geburtstag)) {
header("Locationhttps://www.whocando.eu/:registration.php?fault=gebMissing&name=".$name."&vorname=".$vorName."&email=".$email."&uni=".$uni."&gebDatum=".$geburtstag);
} elseif (empty($password)) {
header("Location:https://www.whocando.eu/registration.php?fault=passwordMissing&name=".$name."&vorname=".$vorName."&email=".$email."&uni=".$uni."&gebDatum=".$geburtstag);
} elseif (empty($confirmedPassword)) {
header("Location:https://www.whocando.eu/registration.php?fault=confirmedPasswordMissing&name=".$name."&vorname=".$vorName."&email=".$email."&uni=".$uni."&gebDatum=".$geburtstag);
} else {
include ('dbConnection.php');
$date = date("Y-m-d H:i:s",time());
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$sqlCode = "INSERT INTO db764570417.logindata (name,email,password)
VALUES (?,?,?)";
$userNameDB = $vorName."".$name;
$statement = $mysqli->prepare($sqlCode);
$statement->bind_Param('sss',$userNameDB,$email,$hashedPassword);
$statement->execute();
$newUserId = $mysqli->insert_id;
$_SESSION['userID'] = $newUserId;
$sqlCode = "INSERT INTO db764570417.userdata (ID,name,firstName,firstLogin,lastLogin,birthDate,email,university)
VALUES (?,?,?,?,?,?,?,?)";
$statement = $mysqli->prepare($sqlCode);
$statement->bind_Param('isssssss',$newUserId,$name,$vorName,$date,$date,$gebDatum,$email,$uni);
$statement->execute();
//header("Location:index.php");
$userID = $newUserId;
$userFirstName[$userID] = $vorName;
$userName[$userID] = $name;
}
}
?>
If I load the page there will be no session ID created, but if I test exactly the same code on localhost, it works.
I thought there were an issue with the server and uploaded a file with the following code:
<?php
if (!isset($_SESSION)) {
session_start();
echo session_status();
echo "SessionID: ".session_id();
}
echo "SessionID: ".session_id();
?>
I am now completely confused and don't know what mistake I did.
Can someone help me with this?
Thank you!
Exec following code and find session.save_path
<?php
phpinfo();
?>
Just add right permissions to this path

PHP logging out by using class

I need some help on my log out. I try to show less code as possible to avoid long code.
What I'm trying to do is a webpage that allow user to log in and view some stuff. When the user done viewing the stuff, the user are able to log out. When logging out, it'll redirect the user to login page and update my database to clear up all the data such as session_id etc.
But the problem is, whenever the user click the log out button, it'll redirect the user to the login page, but not updating the query which is in the logout function. I'm trying to logs the user out by clearing all the session and data in the database such as session_id, last_log, etc.
Is there any way to make the log out button works?
In my protect class
class protect
{
var $username = "";
var $password = "";
var $id = "";
var $isAdmin = -1;
var $sess_id = "";
var $action = "";
var $query = "";
var $ip_address = "";
var $otp = "";
function __construct()
{
try
{
session_start();
$db = new DB("XXUser","password",DB_NAME);
$db->connect();
$this->check_login($db);
if(!isset($_SESSION['loggedin']) || $_SESSION['loggedin']!=1)
{
$this->logout($db);
}
else
{
if($this->action == "logout")
{
$this->logout($db);
}
$this->check_session($db);
}
}
catch
{
$this->logout($db);
exit();
}
}
function post_value()
{
if (!empty($_POST))
{
foreach ($_POST as $key => $value)
{
$this->$key=$value;
}
}
}
function get_value()
{
if(isset($_GET['action']))
{
$this->action=$_GET['action'];
}
}
function insert_session($db)
{
$sql = "UPDATE myuser SET lastLog = now(), active = 'Y', last_active
= now(), last_access = now(), ip_addr = '".$this->ip_address."',
session_ID = '".trim($this->sess_id)."', fail_login_count = 0,
last_fail_login_time ='1900-01-01 00:00:00', otp =
'".$_SESSION['otp']."' WHERE ID = '".$_SESSION['id']."'";
$db->query($sql);
}
function check_session($db)
{
if(isset($_SESSION['loggedin']) || $_SESSION['loggedin'] == 1)
{
$sql2 = "SELECT * FROM myuser WHERE ID = '".$_SESSION['id']."'
AND otp = '".$_SESSION['otp']."'";
$db->query($sql2);
$db->fetchRow();
if($db->resultCount() == 0)
{
echo "<script type=\"text/javascript\">
alert(\"Access Denied\");
</script>";
session_destroy();
$db->disconnect();
header("Location: login2.php");
exit();
}
else
{
$this->check_time($db);
$this->refresh_session();
}
}
}
function refresh_session()
{
//Regenerate id
session_regenerate_id();
//Regenerate otp
$_SESSION['otp'] = trim(md5(time() .$_SESSION['id']));
}
function check_time($db)
{
$sql3 = "SELECT * FROM myuser WHERE ID = '".$_SESSION['id']."' AND
otp = '".$_SESSION['otp']."' AND last_active > DATE_SUB(NOW(),
INTERVAL 10 MINUTE)";
$db->query($sql3);
if($db->resultCount($db) == 0)
{
$this->logout($db);
}
else
{
$sql2 = "UPDATE myuser SET last_active = now() WHERE ID =
'".$_SESSION['id']."' AND otp = '".$_SESSION['otp']."'";
$db->query($sql2);
}
}
function check_login($db)
{
if(!isset($_SESSION['loggedin']) || $_SESSION['loggedin']!=1)
{
$this->username = sanitize($_POST['username']);
$this->password = $_POST['password'];
$sql = "SELECT * FROM myuser WHERE userName = '".$this-
>username."' AND userPass = '".$this->password."'";
$db->query($sql);
if($db->resultCount() == 0)
{
echo "<script type=\"text/javascript\">
alert(\"Wrong Username or Password\");
</script>";
$db->disconnect();
$db->clear();
}
else
{
$db->fetchRow();
//Correct username but wrong password.
if($db->record['userName'] == $this->username)
{
if($db->record['userPass'] != $this->password)
{
echo "<script type=\"text/javascript\">
alert(\"Wrong Username or Password\");
</script>";
$sql3 = "UPDATE myuser SET ip_addr='".$this-
>ip_address."',fail_login_count=(fail_login_count+1)
WHERE userName='".$this->username."'";
mysql_query($sql3) or die(mysql_error());
}
else
{
$this->id = $db->record['ID'];
$sql4 = "SELECT * FROM subordinate_reporting WHERE
myuser_uid = '".$this->id."'";
$db->query($sql4);
if($db->record['active'] == 'Y')
{
session_destroy();
$db->disconnect();
header("Location: login2.php");
exit();
}
else if($db->resultCount() == 0)
{
echo "<script type=\"text/javascript\">
alert(\"".$db->record['real_name'].", You
are not authorized to access this page\");
</script>";
$db->clear();
}
else
{
echo "<script type=\"text/javascript\">
alert(\"Welcome ".$db-
>record['real_name'].". Your last access was
on ".$db->record['last_access']."\");
</script>";
$this->session($db);
}
}
}
}
}
}
//This function haven't use
function check_attempt($db)
{
$db->query("SELECT fail_login_count, last_fail_login_time FROM
myuser WHERE userName = ".$this->username."");
$db->fetchRow();
if($db->record['fail_login_count'] >= 3)
{
$db->query("UPDATE myuser SET blocked = 'Y',
last_fail_login_time = now()");
echo "<script type=\"text/javascript\">
alert(\"Your account has been blocked for 10 minutes due to
failed login attempts of 3 times\");
</script>";
}
if($db->record['blocked'] === 'Y')
{
if(($db->record['last_fail_login_time'] - time()) > 10)
{
$db->clear();
$db->query("UPDATE myuser SET last_fail_login_time = '1900-
01-01 00:00:00', fail_login_count = 0, blocked = 'N'");
}
else
{
$db->clear();
echo "<script type=\"text/javascript\">
alert(\"Please try again later\");
</script>";
}
}
}
function logout($db)
{
$sql = "UPDATE myuser SET session_ID = '', otp = '', active =
'N', last_active = '1900-01-01 00:00:00', lastLog = '1900-01-01
00:00:00' WHERE ID = ".$_SESSION['id']." AND
otp='".$_SESSION['otp']."'";
$db->query($sql);
echo $sql;
unset ($_SESSION['otp']);
unset ($_SESSION['loggedin']);
unset ($_SESSION['id']);
session_unset();
session_destroy();
$db->clear();
$db->disconnect();
header("Location: login2.php");
exit();
}
function session($db)
{
$_SESSION['loggedin'] = 1;
$_SESSION['id'] = $this->id;
$_SESSION['otp'] = trim(md5(time() .$_SESSION['id']));
$this->ip_address = $this->get_ip();
$this->sess_id = session_id();
$_SESSION['timeout'] = time();
$this->insert_session($db);
}
function logout_btn()
{
echo "<form name='logoutbtn' method='post' action=''>";
echo "\n <input type='hidden' name='action' value='logout'
/>";
echo "<input type='submit' id='button' value='Log Out' />";
echo "\n</form>";
}
function get_ip()
{
if(getenv('HTTP_CLIENT_IP'))
{
$ip = getenv('HTTP_CLIENT_IP');
}
else if(getenv('HTTP_X_FORWARDED_FOR'))
{
$ip = getenv('HTTP_X_FORWARDED_FOR');
}
else
{
$ip = getenv('REMOTE_ADDR');
}
return $ip;
}
}
In my normal html file
<?php
try
{
$prot = new protect();
if(!isset($_SESSION['loggedin']) || $_SESSION['loggedin']!=1)
{
echo "<script type=\"text/javascript\">
alert("Access Denied");
</script>";
}
}
catch (Exception $e)
{
$e->getMessage();
}
?>
<!DOCTYPE html>
<html>
</html>
<head>
</head>
<body>
$ved = new view_exit_docket($db, $_SESSION['id']);
$ved->check_app_uid($db);
$ved->display_table($db);
$prot->logout_btn();
</body>
</html>
If the log out button was not working, then surely you would not have been redirected - this implies that failures are occurring elsewhere.
I will assume that some of the stuff you have edited out of your code is critical to its operation (other wise it would not behave as you describe).
it'll redirect the user to the login page, but not updating the query
From the code you've shown us, the only route to the redirection is through executing the query. If the data was not changed, then the query failed.
1) You didn't tell us anything about the DB class.
2) You don't check the return value from $DB->query() nor poll the state of the operation from $DB after executing the query. If you had, you might have got an error message explaining the problem.
3) You didn't show us the SQL you are running (the most likely place where the fault lies).
4) You have not said what happened to the session data

PHP $_SESSION returning incorrect value

Ok, so when I execute the initial function it works fine, the username gets stored in the database, however when I run the second function that appends the username to the text the user chooses to enter the IF statement returns 'no user' - when a user is defined...
If anyone knows how to fix this that would be great - I am currently learning PHP and mysql so I am sorry if any of this is incorrect
<?php
session_start()
// connect to the database
mysql_connect("localhost", "root", "");
mysql_select_db("ajaxchat");
// read the stage
$stage = $_POST['stage'];
// primary code
if($stage == 'initial') {
// check the username
$user = $_POST['user'];
$query = mysql_query("SELECT * FROM chat_active WHERE user='$user'");
if (mysql_num_rows($query) == 0) {
$time = time();
//
mysql_query("INSERT INTO chat_active VALUES ('$user', '$time')");
// set the session
$_SESSION['user'] = $user;
echo 'good';
}
else {
echo 'taken';
}
}
/////////////// PROBLEM FUNCTION ///////////////
================================================
else if($stage == 'send') {
// get the textdomain
$text = $_POST['text'];
// check for user_error
if (isset($_SESSION['user'])) {
$user = $_SESSION['user'];
echo $user.' - '.$text.'<br />';
}
else {
echo 'no user';
}
}
else {
echo 'error';
}
?>
This is the javascript:
<script type="text/javascript">
function chat_initialise() {
var user = document.getElementById("chat_user").value;
$.post("./chat.php", {stage:"initial", user:user}, function(data) {
if (data == "good") {
$('#initial').css('display', 'none');
$('#content').css('display', 'inline')
}
else {
alert("That username is taken! Please try another.");
}
});
}
function chat_send() {
var text = document.getElementById("chat_text").value;
$.post("./chat.php", {stage:"send", text:text}, function(data) {
document.getElementById("chat_text").value = '';
$('#window').text($('#window').text() + data);
// alert(data)
});
}
</script>
I fixed it - changed the POST function to take the current username then redefine it as a variable in the second function:
else if($stage == 'send') {
// get the textdomain
$text = $_POST['text'];
$user = $_POST['user'];
echo $user;
// check for user_error
if (isset($_SESSION['user'])) {
$_SESSION['user'] = $user;
echo $user.' - '.$text.'<br />';
}
else {
echo 'no user';
var_dump($_SESSION);
}
}
Thanks for all your help guys!!

Why wont my PHP MYSQL comparison work

Im messing around, trying to see if i can make one of those clickable pet sites that were all the rage a couple years ago and i run into a problem with trying to use if, else, elseif stuff in PHP.
Heres what I have:
<?php
include_once "mysql_connect.php";
$newip = $_SERVER['REMOTE_ADDR'];
$oldip = mysql_query("SELECT lastip FROM sitefunctions WHERE name='index'");
if ($newip == $oldip) {
$message = "You were the last one to click this pet, please wait until someone else has clicked it before trying again.";
}
else {
mysql_query("UPDATE sitefunctions SET `clicks` = `clicks`+1 WHERE name='index'");
mysql_query("UPDATE sitefunctions SET `lastip` = '$newip' WHERE name='index'");
$tempclicks = mysql_query("SELECT `clicks` FROM sitefunctions WHERE name='index'");
$message = "You gave this pet a click!";
};
if ($tempclicks == 150) {
mysql_query("UPDATE sitefunctions SET `level` = 2 WHERE name='index'");
$message = "Your click leveled the pet up!";
}
elseif ($tempclicks == 600) {
mysql_query("UPDATE sitefunctions SET `level` = 3 WHERE name='index'");
$message = "Your click leveled the pet up!";
}
$sql = mysql_query("SELECT * FROM sitefunctions WHERE name='index'");
while($row = mysql_fetch_array($sql)){
$clicks = $row["clicks"];
$level = $row["level"];
$name = $row["name"];
$image1 = $row["image1"];
$image2 = $row["image2"];
$image3 = $row["image3"];
};
if ($level == 1) {
$imageu = $image1;
}
elseif ($level == 2) {
$imageu = $image2;
}
elseif ($level == 3) {
$imageu = $image3;
}
?>
<html>
<head>
</head>
<body>
<p>
<?php print $oldip; ?> <br>
<?php print $newip; ?> <br>
Name: <?php print $name; ?> <br>
<img src=<?php print $imageu; ?> /> <br>
Clicks: <?php print $clicks; ?> <br>
Level: <?php print $level; ?> <br>
<?php print $message; ?>
</p>
</body>
</html>
Now the first problem i'm having is with comparing the users ip with the last ip that was on the page.
$newip = $_SERVER['REMOTE_ADDR'];
$oldip = mysql_query("SELECT lastip FROM sitefunctions WHERE name='index'");
if ($newip == $oldip) {
$message = "You were the last one to click this pet, please wait until someone else has clicked it before trying again.";
}
else {
mysql_query("UPDATE sitefunctions SET `clicks` = `clicks`+1 WHERE name='index'");
mysql_query("UPDATE sitefunctions SET `lastip` = '$newip' WHERE name='index'");
$tempclicks = mysql_query("SELECT `clicks` FROM sitefunctions WHERE name='index'");
$message = "You gave this pet a click!";
};
No matter what i have tried it doesnt really compare the values. If i put a "=" it says theyre the same no matter what and if i do "==" it says theyre different even though they shouldn't be.
I dont even know where to start with this, no errors come up and i'm fairly new to PHP and MYSQL. Nothing else can be really tested until this, but im sure that the rest of the comparisons dont work either.
im using 000webhost for my site, if thats known to have problems lol
This is what my code looks like now, it works too so im done here:
<?php error_reporting(E_ALL); ini_set('display_errors', 1);
$name = $_POST['name'];
if (empty($name) == true){
$name = "index";
};
include_once "mysql_connect.php";
$newip = $_SERVER['REMOTE_ADDR'];
$sql = mysql_query("SELECT * FROM sitefunctions WHERE name='$name'") or die(mysql_error());
while($row = mysql_fetch_array($sql)) {
$lastip = $row["lastip"];
}
if ($lastip == $newip) {
$message = "You were the last one to click this pet! You have to wait until someone else clicks it!";
} else {
mysql_query("UPDATE sitefunctions SET `clicks` = `clicks`+1 WHERE name='$name'") or die(mysql_error());
mysql_query("UPDATE sitefunctions SET `lastip` = '$newip' WHERE name='$name'") or die(mysql_error());
$message = "You clicked the pet!";
}
$sql = mysql_query("SELECT * FROM sitefunctions WHERE name='$name'") or die(mysql_error());
while($row = mysql_fetch_array($sql)) {
$clicks = $row["clicks"];
$level = $row["level"];
}
if ($clicks > 50*$level) {
mysql_query("UPDATE sitefunctions SET `level` = `level`+1 WHERE name='$name'") or die(mysql_error());
$message = "Your click leveled up the pet!";
}
$sql = mysql_query("SELECT * FROM sitefunctions WHERE name='$name'") or die(mysql_error());
while($row = mysql_fetch_array($sql)) {
$clicks = $row["clicks"];
$level = $row["level"];
$name = $row["name"];
$image1 = $row["image1"];
$image2 = $row["image2"];
$image3 = $row["image3"];
$lastip = $row["lastip"];
};
if ($level > 35) {
$imageu = $image3;
} elseif ($level > 15) {
$imageu = $image2;
} elseif ($level > 0) {
$imageu = $image1;
};
?>
<html>
<head>
</head>
<body>
<center>
<p>
Name: <?php print $name; ?> <br>
<img src=<?php print $imageu; ?> /> <br>
Clicks: <?php print $clicks; ?> <br>
Level: <?php print $level; ?> <br>
Last User: <?php print $lastip; ?> <br>
<?php print $message; ?>
</p>
</center>
</body>
</html>

Show Online Members and Auto Logout

I am trying to display the current users and if they don't logout I would like it to time out like 20 seconds after they close the browser.
Login Code:
<?
$username = $_SESSION['membersusername'];
if(isset($username)){
mysql_query("UPDATE users SET seen=NOW() WHERE username='$username'");
}
?>
Display Online User:
<?
$check_query_all = mysql_query("SELECT * FROM users WHERE hiddenauth='no' AND seen='Y-m-d H:i:s' ORDER BY id DESC");
while ($display = mysql_fetch_array($check_query_all)) {
$allmembers = $display['name'];
$allusername = $display['username'];
$allbio = $display['bio'];
$allage = $display['age'];
$allseen = $display['seen'];
// get more stuff above if u need
$check_query_all2 = mysql_query("SELECT * FROM profiles WHERE username='$allusername'");
while ($display = mysql_fetch_array($check_query_all2)) {
$allimage = $display['image'];
$alllocation = $display['location'];
// Check Album Photo's
$check_amount = mysql_query("SELECT * FROM users WHERE hiddenauth='no' AND seen='Y-m-d H:i:s'");
$num_djs_total = mysql_num_rows($check_amount);
// CHECK IF IMAGE OR NOT
if ($allimage == "") {
$allcheckedimage = "nopic.gif"; }
// CHECK IF IMAGE OR NOT
if ($allimage != "") {
$allcheckedimage = "$allusername/$allimage"; }
// CHECK IF location OR NOT
if ($alllocation == "") {
$allcheckedlocation = "No Idea"; }
// CHECK IF location OR NOT
if ($alllocation != "") {
$allcheckedlocation = "$alllocation"; }
// CHECK IF mini bio OR NOT
if ($allbio == "") {
$allcheckedbio = "Something about your show."; }
// CHECK IF mini bio OR NOT
if ($allbio != "") {
$allcheckedbio = "$allbio"; }
$listalldjs2 .= "<table class='inlineTable' width='170' height='140' border='0'>
<tr>
<td width='20%' align='center'><a href='$domain/$allusername' /><img src='$domain/profile/$allcheckedimage' width='160' height='120' title='$allusername' /></a> </td>
</tr>
</table> ";
}}
?>
<h2>Online Users</h2>
<? echo $listalldjs2 ?>
Logout Code:
<?
$username = $_SESSION['membersusername'];
if(isset($username)){
mysql_query("UPDATE users SET seen='' WHERE username='$username'");
}
?>
I don't have iSQL or PDO as the server people won't update it yet, can anyone help me?

Categories