I am using Jquery.load to load an external file with html/php content into one div. It loads the file, and displays what it's supposed to except it says access denied www-data#localhost password: no where it should be echoing some content.
I know that the main page, not the one being loaded, is connected to the db using require_once("assets/functions/config.php"); to call on my php file that contains the connection.
What am I doing wrong? It's probably simple, and I'm overlooking something.
EDIT: Okay on the index.php above <html> I have:
<?PHP
require_once("assets/functions/config.php");
//if ($notInstalled == 1) header("Location: install");
require_once("assets/functions/functions.php");
if ($users->checkAuth() == 0) {
header("Location: login.php");
exit;
}
$currentUser = $_COOKIE['vetelixir_username'];
?>
config.php is as follows:
<?
// MySQL Database
$db_host = "localhost";
$db_name = "dbname";
$db_username = "username";
$db_password = "password";
// Connect to the database
$connection = #mysql_connect($db_host,$db_username,$db_password) or die(mysql_error());
$db = #mysql_select_db($db_name,$connection)or die(mysql_error());
// end MySQL
?>
jQuery:
$("#button").click(function() {
$('#content').load('pages/external.php');
});
External File to Load:
<div id="div">
<?
$currentBlah = mysql_query("SELECT `firstname`,`lastname` FROM `blah` ORDER BY `lastname` ASC") or die(mysql_error());
while($u = mysql_fetch_array($currentBlah)) {
echo "<div class='clientRow'><span class='name'>".$u['firstname']." ".$u['lastname']."</span></div>";
}
?>
</div>
This looks like the php script that your jQuery function is calling is trying (and failing) to open an SSH session.
Related
I will describe my problem in two parts (previous problem and current problem).
Previous Problem:
Initially, on page3.php, I wasn't able to retrieve the username using the session variable and hiding //require('../myDBFolder/db.php'); solved the problem and I was able to see the username on that page.
Current Problem:
Since, I have commented out the line //require('../myDBFolder/db.php');, I am not able to access the other variables defined in db.php like $connection variable and hence I am trying to figure out how to make sure I have $connection variable available in page3.php.
A Quick explanation of the working of files is in the following order:
User submits username from page1.html, page2.php does the authorization work with db.php as required file and upon successful authorization, it directs the user to page3.php.
Please consider my files below:
page1.html
<form method="post" action= "page2.php" name="lform">
<span class="style1">User Name :</span>
<input type="text" name="user" size="25">
<input type="submit" value="login">
</form>
db.php
<?php
session_start();
$user = $_POST["user"];
$_SESSION['username']=$user;
$db_server = "localhost";
$db_name = "PracticeDB";
$db_user = $user;
$table_name_data = "collegestudents";
$connection = mysqli_connect($db_server,$db_user,$db_password) or trigger_error("Could Not Connect to the Database : ". mysqli_connect_error(), E_USER_ERROR);
$db = mysqli_select_db($connection , $db_name) or trigger_error("Could Not Select the Database : " . $db_name . ':' .mysqli_error($connection));
?>
page2.php
<?php
session_start();
require('../myDBFolder/db.php');
$user = $_POST["user"];
$_SESSION['username'] = $user;
$sql="SELECT * FROM $table_name_users WHERE username = \"$user\"";
$result=mysqli_query($connection,$sql) or trigger_error("Couldn't Execute Query in page2.php: ". mysqli_error($sql));
$num = mysqli_num_rows($result);
if ($num != 0) {
print "<script>";
print "self.location='page3.php';";
print "</script>";
} else {
echo "<p>you're not authorized";
}
?>
page3.php
<?php
session_start();
//require('../myDBFolder/db.php');
$user = $_SESSION['username'];
$sql = "SELECT * FROM $table_name_data WHERE username = '$user'";
$result = mysqli_query($connection,$sql) or trigger_error("Could Not Execute the Query ! : ". mysqli_error($connection));
?>
Troubleshooting Steps:
1) I have tried to include require('../myDBFolder/db.php'); in page3.php file and it solves the problem of $connection parameter but I don't see username coming onto that page via session for some reason and also by including //require('../myDBFolder/db.php'); in page3.php I will be making db connection twice as I have already done that in page2.php and haven't closed it.
2) Another thing, I was looking at some of the threads discussed before like this one, it seems like storing $connection in a session variable is not a good idea.
Just to point in a direction:
Change this
$user = $_POST["user"];
$_SESSION['username'] = $user;
to
if(isset($_POST["user"])){
$user = $_POST["user"];
$_SESSION['username'] = $user;
}
So, only update the SESSION if POST is given.
By the way, it is not good practise to give each user an db user account.
Your SQL check if a user is in the database, but your connectin also uses this username!? Rething that..
If you only use one db_user you can move the session username setting stuff completly from the db.php and move it to a better place (e.g. session.php).
the error of you dont see the username if you require db.php is :
in your db.php first thing to do is to put the username in the session so when you call it from the page3 you the code put blank in the session
this code
$user = $_POST["user"];
$_SESSION['username'] = $user;
There is two solution for that :
1 - put connection in one file and the session put in the other file
$user = $_POST["user"];
$_SESSION['username'] = $user;
in different file of connection
2 - the second is you put if condition before this code like this
if(!empty($_POST["user"])) {
$user = $_POST["user"];
$_SESSION['username'] = $user;
}
try it .
I have a class named User which has a function named logout(). I create an instance of this class in index.php and i pass it's value to $_SESSION[usr] before i call memberspage.php . In memberspage.php i have a link named logout which when clicked i want the logout() function to run and also send the user to index.php. For this purpose i've done something like this.
Log out
I know that -> causes the problem but i don't know how to fix it. thnx for your time.
The following code worked for me
Log out
but there is a problem. If i go to the page(memberspage.php) where the above code is and i press the back arrow (not logout link) the logOut() function will still be used(the session is destroyed and i will have to log in again to access memberpage.php) . I don't get it because i thought that the only way to call the logOut() function was to click on Log out link.
If $_SESSION[usr]->logout() is working for you as you said in your comment. I don't know how.
But here is just for calling a php function inside anchor tag.It's totally depend on your function response.
<?php
function usr(){
return "abc";
}
?>
Log out
First i suggest that you change your use of session you can create a page for example session.php where all your session is place, it can also be the re directory page of your login page.
like this one named login.php
create in your form make action redirect to session.php
i also suggest that all your php codes of login are inside the session.php then make this one.
<?php
session_start();
$host = "localhost";
$uname = "root";
$pass = "";
$db = "mydb;
//database connection
$conn = mysqli_connect($host, $uname, $pass, $db);
mysqli_select_db($conn, $db);
if(!$conn){
die("Connection failed: " . mysqli_connect_error());
}
if(isset($_POST['username'])){
$username = $_POST['username'];
$password = $_POST['password'];
$username = stripslashes($username);
$password = stripslashes($password);
//$username = mysqli_real_escape_string($username);
//$password = mysqli_real_escape_string($password);
$sql = "SELECT * FROM table WHERE username = '" .$username. "' AND password = '".$password."' LIMIT 1";
$res = mysqli_query($conn, $sql);
if(mysqli_num_rows($res) > 0){
if($data = mysqli_fetch_assoc($res))
{
$_SESSION['type'] = $data['type'];
if(isset($_SESSION["login_user"]))
{
if($data['type'] == 'admin'){
header('location: admin.php');
}
else if($data['type'] == 'customer'){
header('location: customerhome.php');
}//header('location: uservalidation.php');
}
}
}
else{
//header('location: #');
echo '<script>';
echo 'alert("Invalid no?")';
echo '</script>';
header('location: logind.php');
}
}
?>
then create another page which is logout.php
put this code inside:
<?php
session_start();
header('location: index.php');
session_destroy();
?>
then save put the a link your page for logout.php
Add file logout.php and put into them your logout implementation:
<?php
header('Content-Type: application/json');
$_SESSION[usr]->logout();
echo json_encode(['message' => 'ok']);
And call this file with AJAX:
<script>
function logout() {
$.ajax({
url: '/logout.php'
}).then(function (res) {
window.location.href = '/';
});
}
</script>
Log out
I'm trying to make a web/login page, where if a user is in certain location then they can be able to insert data in the database based on their location.
For example, if we have two users bob and max, one in A(bob) and the other in B(max).
If bob logs into the system username... bob password... 123 location.. A, he should be able to to insert his data on the database located on his PC same as max but they should use a single application.
Now my question is how can I achieve this. For example I've a login script below which is communicating with my localhost (A) and i also want to include a remote connection to my other PC on the LAN (B), using Mysql database installed on both computers, I can connect to Mysql database using Mysql workbench but how can I do it using a script in PHP?
login page
<?php
if(isset($_POST['login'])){
include 'includes/config.php';
$uname = $_POST['uname'];
$pass = $_POST['pass'];
$query = "SELECT * FROM admin WHERE uname = '$uname' AND pass = '$pass'";
$rs = $conn->query($query);
$num = $rs->num_rows;
$rows = $rs->fetch_assoc();
if($num > 0){
session_start();
$_SESSION['uname'] = $rows['uname'];
$_SESSION['pass'] = $rows['pass'];
echo "<script type = \"text/javascript\">
alert(\"Login Successful.................\");
window.location = (\"admin/index.php\")
</script>";
} else{
echo "<script type = \"text/javascript\">
alert(\"Login Failed. Try Again................\");
window.location = (\"login.php\")
</script>";
}
}
?>
connection.php
<?php
$host = "localhost";
$user = "root";
$pass = "";
$db = "cars";
$conn = new mysqli($host, $user, $pass, $db);
if($conn->connect_error){
echo "Failed:" . $conn->connect_error;
}
?>
Configuring two connection scripts is what i have in mind, but i don't
think it will work.
Any suggestions would be appreciated.
Thanks
hello this is my first post on stackoverflow i am at beginner level at php, mysql and work on a php log in page connected to a mysql database which i did try to test through xampp and getting the following error message
Warning: include(../storescripts/connect_to_mysql.php): failed to open stream: No such
file or directory in C:\xampp\htdocs\myonlinestore\storeadmin\admin_login.php
on line 15
Warning: include(): Failed opening '../storescripts/connect_to_mysql.php' for
inclusion (include_path='.;C:\xampp\php\PEAR') in C:\xampp\htdocs\myonlinestore
\storeadmin\admin_login.php on line 15
Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in
C:\xampp\htdocs\myonlinestore\storeadmin\admin_login.php on line 18
That information is incorrect, try again Click Here
I was able to successfully connect to the mysql database through dreamwavercs6 on win7 64bit and created a user for the db as also i created a administrator with full privileges in the created admin table. With a successful log in it should direct you to a follow up page called index.php which is a second index page only for admins to choose tasks, located in a subfolder in the same directory. The home page index.php is located here C:\xampp\htdocs\myonlinestore\index.php\
the file with the script called admin_login.php is shown under here
<?php
session_start();
if (isset($_SESSION["manager"])){
header("location: index.php");
exit();
}
?>
<?php
if (isset($_POST["username"]) && isset($_POST["password"])){
$manager = preg_replace('#[^A-Za-z0-9]#i','',$_POST["username"]);
$password = preg_replace('#[^A-Za-z0-9]#i','',$_POST["password"]);
include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT id FROM admin WHERE username='$manager' AND
password='$password' LIMIT 1");
$existCount = mysql_num_rows($sql);
if ($existCount == 1){
while($row = mysql_fetch_array($sql)){
$id = $row["id"];
}
$_SESSION["id"] = $id;
$_SESSION["manager"] = $manager;
$_SESSION["password"] = $password;
header("location: index.php");
exit();
} else {
echo 'That information is incorrect, try again Click Here';
exit();
}
}
?>
the script connect_to_mysql.php under here
<?php
$db_host = "localhost";
$db_username = "user";
$db_pass = "user";
$db_name = "myonlinestore_db";
mysql_connect("$db_host","$db_username","$db_pass") or die ("could not connect to
mysql");
mysql_select_db("$db_name") or die ("no database");
?>
the script index.php which is the landing page where on successful login from admin_login should redirect you to, under here
<?php
session_start();
if(!isset($_SESSION["manager"])){
header("location: admin_login.php");
exit();
}
$managerID = preg_replace('#[^0-9]#i', '',$_SESSION["id"]);
$manager = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["manager"]);
$password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]);
include"../storescripts/connect_to_mysql.php";
$sql=mysql_query("SELECT*FROM admin WHERE id='$managerID' AND username='$manager' AND
password='$password' LIMIT 1"); // query the person
$existCount=mysql_num_rows($sql); // count the nums
if ($existCount==0){//evaluate the count
echo "Your login session data is not on record in the database";
exit();
}
?>
the problem is that i can not log in through my firefox browser and getting the error as mentioned at the top. All addons,extensions in my firefox browser are on disable and accepting cookies is selected, can anyone help to fix this problem?
Many thanks in advance
Here in your script you are not being able to include your connect_to_mysql.php file.
include "../storescripts/connect_to_mysql.php";
You are trying to provide relative path. Make sure you are properly able to access that file from relative path you are including. i.e. your admin_login.php file.
You can try passing absolute path in your include:
include "C:\xampp\htdocs\myonlinestore\storescripts\connect_to_mysql.php";
please check path in your file manager if it is correct absolute path.
Remove one of the dots from the include("../if the scripts are in
C:\xampp\htdocs\myonlinestore\storescript.
From
C:\xampp\htdocs\myonlinestore\storeadmin\admin_login.php
"../" will take you to htdocs, so you need "./" to get to htdocs\myonlinestore
may be it will help you.
<?php
$server = "localhost";
$connection = mysqli_connect ($server,"root","","your_database_name");
if(!$connection){
// if not connected it will gives the error here
echo "server not found".mysql_error();
}
else{
echo "Connected";
}
?>
Using PHP and MySQL to make a login/registration system. Registration is in and I'd say it works alright. However, I'm having some problems with the login page.
No matter what, it just kind of refreshes the page and I'm not sure what's wrong. Here's the loginaccount.php script I have running on the form:
**
EDIT:
**
Thanks for the help so far guys! But I'm still running into a pretty annyoing problem. Now, no matter what, it still doesn't log in, even though now I'm actually getting the error message I set up. Updated code below:
<?php
//Database Information
$dbhost = "";
$dbname = "";
$dbuser = "";
$dbpass = "";
//Connect to database
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());
session_start();
$username = $_POST[‘username’];
$password = md5($_POST[‘password’]);
$query = "select * from registerusers where username='$username' and password='$password'";
$result = mysql_query($query);
if (mysql_num_rows($result) == 0) {
$error = "Incorrect login, please try again.";
include "login.php";
echo "<span class=error_message>".$error."</span>";
} else {
$_SESSION['username'] = "$username";
include "login.php";
echo "<span class=success_message>Welcome! You are now logged in.</span>";
}
?>
I can't post comments on questions yet, but I've got a possible reason for your problem.
Since you're only including (and not redirecting) the users to a page, the login page will just stay where it is and just keep including the files - doing the same things over and over. Try header('Location: memberspage.php') instead.