BetterPHP

The non-existent community
https://betterphp.co.uk/board/

User Profile with your login system.

https://betterphp.co.uk/board/viewtopic.php?t=955

Page 2 of 3

Re: User Profile with your login system.

Posted: Tue Jan 24, 2012 9:45 am
by Temor
function fetch_current_user_id($username){
$sql = 'SELECT `user_id` FROM `users` WHERE `user_name` = '{$username}'';
 
$result = mysql_query($sql);
 
return mysql_result($result, 0);
 
}
You're not supposed to pass in the users ID to the function. The purpose of the function is to get the ID that corresponds to a username. What you need to do is pass in the $_SESSION['username'] variable and then use the $username variable like I did above.

Also, where are you calling the function? This function will return the user ID as a value that you need to store in a variable. In this case you want to store it in the $_SESSION['uid'] variable. Like this: 
$_SESSION['uid'] = fetch_current_user_id($_SESSION['username'];
And then you'd probably want to do some cleaning and make sure that the script doesn't run every time the user refreshes a page.
if(empty($_SESSION['uid'])){
 run function here.
}
function fetch_current_user_id($username){
$username = mysql_real_escape_string($username);
$sql = 'SELECT `user_id` FROM `users` WHERE `user_name` = '{$username}'';
 
$result = mysql_query($sql);
 
return mysql_result($result, 0);
 
}

Re: User Profile with your login system.

Posted: Tue Jan 24, 2012 9:52 am
by hys
Hi mate I'm really glad that u help me but its still not working getting a blank site :(

im confused now

Regards
Mike aka hys

Re: User Profile with your login system.

Posted: Tue Jan 24, 2012 5:52 pm
by jacek
hys wrote:Hi mate I'm really glad that u help me but its still not working getting a blank site :(

im confused now

Regards
Mike aka hys
did you just copy the code character for character or did you write your own version based on the example ?

Re: User Profile with your login system.

Posted: Tue Jan 24, 2012 6:08 pm
by hys
function fetch_current_user_id($username){
$username = mysql_real_escape_string($username);
$sql = 'SELECT `user_id` FROM `users` WHERE `user_name` = '{$username}'';
 
$result = mysql_query($sql);
 
return mysql_result($result, 0);
 
}

Re: User Profile with your login system.

Posted: Tue Jan 24, 2012 9:20 pm
by Temor
hys wrote:
function fetch_current_user_id($username){
$username = mysql_real_escape_string($username);
$sql = 'SELECT `user_id` FROM `users` WHERE `user_name` = '{$username}'';
 
$result = mysql_query($sql);
 
return mysql_result($result, 0);
 
}
that should work. How and where are you calling the function? 
if(empty($_SESSION['uid'])){
$_SESSION['uid'] = fetch_current_user_id($_SESSION['username'];
}
If you put that line in your init.inc file it should work.

Re: User Profile with your login system.

Posted: Tue Jan 24, 2012 11:00 pm
by hys
Hi there now i used the code u send me and i putted it into init file

init.inc.php
<?php

function fetch_current_user_id($username){
$username = mysql_real_escape_string($username);
$sql = 'SELECT `user_id` FROM `users` WHERE `user_name` = '{$username}'';
 
$result = mysql_query($sql);
 
return mysql_result($result, 0);
 
}

if(empty($_SESSION['uid'])) {
$_SESSION['uid'] = fetch_current_user_id($_SESSION['username']);

}

// fetches all of the users from the table.
function fetch_users() {
	$result = mysql_query('SELECT `user_id` AS `id`, `user_name` AS `username` FROM `users`');
	
	$users = array();
	
	while (($row = mysql_fetch_assoc($result)) !== false) {
		$users[] = $row;
	}	
	
	return $users;
}

// fetches profile infomation for the given user.
function fetch_user_info($uid) {
	$uid = (int)$uid;
	
	$sql = "SELECT
				`user_name` AS `username`,
				`user_firstname` AS `firstname`,
				`user_lastname` AS `lastname`,
				`user_email` AS `email`,
				`user_about` AS `about`,
				`user_location` AS `location`,
				`user_gender` AS `gender`
			FROM `users`
			WHERE `user_id` = {$uid}";
			
	$result = mysql_query($sql);
	
	return mysql_fetch_assoc($result);
}

// check if the given username exists in the database.
function user_exists($user) {
	$user 	= mysql_real_escape_string($user);
	
	$total 	= mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_name` = '{$user}'");
	
	return (mysql_result($total, 0) == '1') ? true : false;
}

// check if the given username and password combination is valid.
function valid_credentials($user, $pass) {
	$user 	= mysql_real_escape_string($user);
	$pass 	= mysql_real_escape_string($pass);
	
	$total 	= mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_name` = '{$user}' AND `user_password` = '{$pass}'");

	return (mysql_result($total, 0) == '1') ? true : false;
}

// checks is the given user account is active.
function is_active($user) {
	$user = mysql_real_escape_string($user);
	
	$sql = "SELECT
				COUNT(`user_activations`.`user_id`)
			FROM `users`
			INNER JOIN `user_activations`
			ON `users`.`user_id` = `user_activations`.`user_id`
			WHERE `users`.`user_name` = '{$user}'";
			
	$result = mysql_query($sql);
	
	return (mysql_result($result, 0) == '0') ? true : false;
}


// activates the account related to the given activation code.
function activate_account($aid) {
	$aid = mysql_real_escape_string($aid);
	
	mysql_query("DELETE FROM `user_activations` WHERE `activation_code` = '{$aid}'");
}

// adds a user to the database
function add_user($user, $email, $pass) {
	$user 	= mysql_real_escape_string(htmlentities($user));
	$email 	= mysql_real_escape_string($email);
	$pass 	= sha1($pass);
	
	$charset = array_flip(array_merge(range('a', 'z'), range('A', 'Z'), range('0', '9')));
	$aid = implode('', array_rand($charset, 10));
	
	$body = <<<EMAIL

	Hi,
	
	Thanks for registering, before you login you need to activate your account.
	
	To do that simply click the following link.
	
	http://dev.onslowdemolering.dk/activate.php?aid={$aid}

EMAIL;

	mail($email, 'Your new account at onslowdemolering.dk', $body, 'From: ekim@onslowdemolering.dk');
	
	mysql_query("INSERT INTO `users` (`user_name`, `user_password`, `user_email`) VALUES ('{$user}', '{$pass}', '{$email}')");
	
	$user_id = mysql_insert_id();
	
	mysql_query("INSERT INTO `user_activations` (`user_id`, `activation_code`) VALUES ({$user_id}, '{$aid}')");
}

?>
its not working the http://dev.onslowdemolering.dk/login.php its still nothing showing now at all :s

Regards
Hys

Re: User Profile with your login system.

Posted: Tue Jan 24, 2012 11:30 pm
by Temor
hys wrote:Hi there now i used the code u send me and i putted it into init file

init.inc.php
<?php

function fetch_current_user_id($username){
$username = mysql_real_escape_string($username);
$sql = 'SELECT `user_id` FROM `users` WHERE `user_name` = '{$username}'';
 
$result = mysql_query($sql);
 
return mysql_result($result, 0);
 
}

if(empty($_SESSION['uid'])) {
$_SESSION['uid'] = fetch_current_user_id($_SESSION['username']);

}

// fetches all of the users from the table.
function fetch_users() {
	$result = mysql_query('SELECT `user_id` AS `id`, `user_name` AS `username` FROM `users`');
	
	$users = array();
	
	while (($row = mysql_fetch_assoc($result)) !== false) {
		$users[] = $row;
	}	
	
	return $users;
}

// fetches profile infomation for the given user.
function fetch_user_info($uid) {
	$uid = (int)$uid;
	
	$sql = "SELECT
				`user_name` AS `username`,
				`user_firstname` AS `firstname`,
				`user_lastname` AS `lastname`,
				`user_email` AS `email`,
				`user_about` AS `about`,
				`user_location` AS `location`,
				`user_gender` AS `gender`
			FROM `users`
			WHERE `user_id` = {$uid}";
			
	$result = mysql_query($sql);
	
	return mysql_fetch_assoc($result);
}

// check if the given username exists in the database.
function user_exists($user) {
	$user 	= mysql_real_escape_string($user);
	
	$total 	= mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_name` = '{$user}'");
	
	return (mysql_result($total, 0) == '1') ? true : false;
}

// check if the given username and password combination is valid.
function valid_credentials($user, $pass) {
	$user 	= mysql_real_escape_string($user);
	$pass 	= mysql_real_escape_string($pass);
	
	$total 	= mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_name` = '{$user}' AND `user_password` = '{$pass}'");

	return (mysql_result($total, 0) == '1') ? true : false;
}

// checks is the given user account is active.
function is_active($user) {
	$user = mysql_real_escape_string($user);
	
	$sql = "SELECT
				COUNT(`user_activations`.`user_id`)
			FROM `users`
			INNER JOIN `user_activations`
			ON `users`.`user_id` = `user_activations`.`user_id`
			WHERE `users`.`user_name` = '{$user}'";
			
	$result = mysql_query($sql);
	
	return (mysql_result($result, 0) == '0') ? true : false;
}


// activates the account related to the given activation code.
function activate_account($aid) {
	$aid = mysql_real_escape_string($aid);
	
	mysql_query("DELETE FROM `user_activations` WHERE `activation_code` = '{$aid}'");
}

// adds a user to the database
function add_user($user, $email, $pass) {
	$user 	= mysql_real_escape_string(htmlentities($user));
	$email 	= mysql_real_escape_string($email);
	$pass 	= sha1($pass);
	
	$charset = array_flip(array_merge(range('a', 'z'), range('A', 'Z'), range('0', '9')));
	$aid = implode('', array_rand($charset, 10));
	
	$body = <<<EMAIL

	Hi,
	
	Thanks for registering, before you login you need to activate your account.
	
	To do that simply click the following link.
	
	http://dev.onslowdemolering.dk/activate.php?aid={$aid}

EMAIL;

	mail($email, 'Your new account at onslowdemolering.dk', $body, 'From: ekim@onslowdemolering.dk');
	
	mysql_query("INSERT INTO `users` (`user_name`, `user_password`, `user_email`) VALUES ('{$user}', '{$pass}', '{$email}')");
	
	$user_id = mysql_insert_id();
	
	mysql_query("INSERT INTO `user_activations` (`user_id`, `activation_code`) VALUES ({$user_id}, '{$aid}')");
}

?>
its not working the http://dev.onslowdemolering.dk/login.php its still nothing showing now at all :s

Regards
Hys
I get an http 500 error. Is the server down?

Re: User Profile with your login system.

Posted: Wed Jan 25, 2012 9:18 am
by hys
Hi, no the server is not down.

the only file i have changed is the init.inc.php i have not changed the other sites.

when i delete this code
function fetch_current_user_id($username){
$username = mysql_real_escape_string($username);
$sql = 'SELECT `user_id` FROM `users` WHERE `user_name` = '{$username}'';
 
$result = mysql_query($sql);
 
return mysql_result($result, 0);
 
}
 
if(empty($_SESSION['uid'])) {
$_SESSION['uid'] = fetch_current_user_id($_SESSION['username']);
 
}
i can see the site but the edit_profile i still not working same as the protected when i click profile. (the profile does not exist)

Regards
HYS

Re: User Profile with your login system.

Posted: Wed Jan 25, 2012 3:20 pm
by Temor
Okay. I still get an http error 500 message and I can't spot what's causing this your code to fail.
Your code works perfectly on my local server so it leads me to believe that your server is acting strange.

Re: User Profile with your login system.

Posted: Wed Jan 25, 2012 3:45 pm
by hys
Oh my gosh,

How do i make a localserver so i can try it myself :)

Regards
Hys

Re: User Profile with your login system.

Posted: Wed Jan 25, 2012 3:54 pm
by Temor
hys wrote:Oh my gosh,

How do i make a localserver so i can try it myself :)

Regards
Hys
Easiest way is to install a package including apache and mysql.
I use Xampp.
http://www.apachefriends.org/en/xampp.html

It's really easy to use.

Re: User Profile with your login system.

Posted: Wed Jan 25, 2012 4:21 pm
by hys
When i take this code out of init.inc.php
function fetch_current_user_id($username){
$username = mysql_real_escape_string($username);
$sql = 'SELECT `user_id` FROM `users` WHERE `user_name` = '{$username}'';
 
$result = mysql_query($sql);
 
return mysql_result($result, 0);
 
}
 
if(empty($_SESSION['uid'])) {
$_SESSION['uid'] = fetch_current_user_id($_SESSION['username']);
 
}
Then u can click on the site and it works but when u click edit_profil.php then it don't work i don't work, i think its something whit that bit code there is wrong.

Re: User Profile with your login system.

Posted: Sat Jan 28, 2012 10:26 pm
by jacek
hys wrote:Then u can click on the site and it works but when u click edit_profil.php then it don't work i don't work, i think its something whit that bit code there is wrong.
The function should not be defined directly in the init.inc.php file since it makes sense that it could be used in other files.

There is a syntax error on the line starting with $sql, are you sure you have your php.ini set up right to show all errors ?

Re: User Profile with your login system.

Posted: Thu Feb 02, 2012 11:31 pm
by hys
its still not working :s i well be really glad if someone can find the problem and say whats wrong. :s

Re: User Profile with your login system.

Posted: Fri Feb 03, 2012 12:53 am
by jacek
hys wrote:its still not working :s i well be really glad if someone can find the problem and say whats wrong. :s
Post your current code and what the problem is ...

Re: User Profile with your login system.

Posted: Fri Feb 03, 2012 5:06 pm
by hys
Check site one. and the top i passed the code and the problem i have :D

i have tryed so menny things but nothing is working for me at all.

Re: User Profile with your login system.

Posted: Sat Feb 04, 2012 12:34 am
by jacek
hys wrote:Check site one. and the top i passed the code and the problem i have :D

i have tryed so menny things but nothing is working for me at all.
We need to see your code as it is now, you have made some changes so the problems may have moved :)

Re: User Profile with your login system.

Posted: Sat Feb 04, 2012 9:56 am
by hys
Okay here is all the code i have.

login.php 
<?php 

include('core/init.inc.php');

$errors = array();

if (isset($_POST['username'], $_POST['password'])) {
	if (empty($_POST['username'])) {
		$errors[] = 'The username cannot be empty.';
	}
	
	if (empty($_POST['password'])) {
		$errors[] = 'The password cannot be empty.';
	}
	
	if (valid_credentials($_POST['username'], sha1($_POST['password'])) === false) {
		$errors[] = 'Username / Password incorrect.';
	}
	
	if (empty($errors) && is_active($_POST['username']) === false) {
		$errors[] = 'This account has not yet been activated.';
	}
	
	if (empty($errors)) {
		if (isset($_POST['set_cookie']) && $_POST['set_cookie'] == '1') {
			setcookie('username', $_POST['username'], time() + 604800);
			setcookie('password', sha1($_POST['password']), time() + 604800);
		}
	
		$_SESSION['username'] = htmlentities($_POST['username']);
		
		header('Location: protected.php');
		die();
	}
}

?>
<!DOCTYPE html>

<html lang="da">
<head>
        <meta charset="utf-8">
        <title></title>
	<link rel="stylesheet" type="text/css" href="ext/css/style.css" />

</head>
	<body>
		<div>
			<?php
			
			if (empty($errors) === false) {
				?>
				<ul>
					<?php
					
					foreach ($errors as $error) {
						echo "<li>{$error}</li>";
					}
					
					?>
				</ul>
				<?php
			} else {
				echo 'Need an account ? <a href="register.php">Register here</a>';
			}
			
			?>
		</div>
		<form action="" method="post">
			<p>
				<label for="username">Username:</label>
				<input type="text" name="username" id="username" value="<?php if (isset($_POST['username'])) echo htmlentities($_POST['username']); ?>" />
			</p>
			<p>
				<label for="password">Password:</label>
				<input type="password" name="password" id="password" />
			</p>
			<p>
				<label for="set_cookie">Remember me:</label>
				<input type="checkbox" name="set_cookie" id="set_cookie" value="1" />
			</p>
			<p>
				<input type="submit" value="Login" />
			</p>
		</form>
	</body>
</html>
logout.php 
<?php

session_start();

$_SESSION = array();

session_destroy();

if (isset($_COOKIE['username'], $_COOKIE['password'])) {
	setcookie('username', '', time());
	setcookie('password', '', time());
}

header('Location: protected.php');

?>
profile.php 
<?php 

include('core/init.inc.php');

$user_info = fetch_user_info($_GET['uid']);

?>
<!DOCTYPE html>

<html lang="da">
<head>
        <meta charset="utf-8">
        <title><?php echo $user_info['username']; ?>'s Profile</title>
	<link rel="stylesheet" type="text/css" href="ext/css/style.css" />

</head>
	<body>
		<div>
	<?php
		
	if ($user_info === false) {
		echo 'That user does not exist.';
	} else {
		
		?>
		<h1><?php echo $user_info['firstname']; ?> <?php echo $user_info['lastname']; ?></h1>
		<p>Username: <?php echo $user_info['username']; ?></p>
		<p>Gender: <?php echo ($user_info['gender'] == 1) ? 'Male' : 'Female'; ?></p>
		<p>Email: <?php echo $user_info['email']; ?></p>
		<p>Location: <?php echo $user_info['location']; ?></p>
		<p><?php echo $user_info['about']; ?></p>
		<?php
	
	}
	
	?>
		</div>
	</body>
</html>
protected.php 
<?php 

include('core/init.inc.php');

$user_info = fetch_user_info($_SESSION['uid']);

?>
<!DOCTYPE html>

<html lang="da">
<head>
        <meta charset="utf-8">
        <title></title>
	<link rel="stylesheet" type="text/css" href="ext/css/style.css" />

</head>
	<body>
		<p>
			You are logged in as <b><?php echo $_SESSION['username']; ?></b>
		</p>
		<li>
			<a href="user_list.php">Userlist</a>
		</li>	
		<li>
			<a href="profile.php?uid=<?php echo $_SESSION['uid']; ?>">Profile</a>
		</li>	
		<li>
			<a href="edit_profile.php">Edit Profile</a>
		</li>	
		<li>
			<a href="logout.php">Logout</a>
		</li>
	</body>
</html>
register.php 
<?php 

include('core/init.inc.php');

$errors = array();

if (isset($_POST['username'], $_POST['password'], $_POST['repeat_password'])) {
	if (empty($_POST['username'])) {
		$errors[] = 'The username cannot be empty.';
	}
	
	if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
		$errors[] = 'The email address you entered does not appear to be valid.';
	}
	
	if (empty($_POST['password']) || empty($_POST['repeat_password'])) {
		$errors[] = 'The password cannot be empty.';
	}
	
	if ($_POST['password'] !== $_POST['repeat_password']) {
		$errors[] = 'Password verification failed.';
	}
	
	if (user_exists($_POST['username'])) {
		$errors[] = 'The username you entered is already taken.';
	}
	
	if (empty($errors)) {
		add_user($_POST['username'], $_POST['email'], $_POST['password']);
		
		header('Location: protected.php');
		die();
	}
}

?>
<!DOCTYPE html>

<html lang="da">
<head>
        <meta charset="utf-8">
        <title></title>
	<link rel="stylesheet" type="text/css" href="ext/css/style.css" />

</head>
	<body>
		<div>
			<?php
			
			if (empty($errors) === false) {
				?>
				<ul>
					<?php
					
					foreach ($errors as $error) {
						echo "<li>{$error}</li>";
					}
					
					?>
				</ul>
			<?php
			}
			
				?>
		</div>
		<form action="" method="post">
			<p>
				<label for="username">Username:</label>
				<input type="text" name="username" id="username" value="<?php if (isset($_POST['username'])) echo htmlentities($_POST['username']); ?>" />
			</p>
			<p>
				<label for="email">Email:</label>
				<input type="text" name="email" id="email" value="<?php if (isset($_POST['email'])) echo htmlentities($_POST['email']); ?>" />
			</p>
			<p>
				<label for="password">Password:</label>
				<input type="password" name="password" id="password" />
			</p>
			<p>
				<label for="repeat_password">Repeat Password:</label>
				<input type="password" name="repeat_password" id="repeat_password" />
			</p>
			<p>
				<input type="submit" value="Register" />
			</p>
		</form>
	</body>
</html>
user_list.php 
<?php 

include('core/init.inc.php');

?>
<!DOCTYPE html>

<html lang="da">
<head>
        <meta charset="utf-8">
        <title></title>
	<link rel="stylesheet" type="text/css" href="ext/css/style.css" />

</head>
	<body>
		<div>
		<h2>Userlist</h2>
			<?php
			
			foreach (fetch_users() as $user) {
				?>
				<p>
					<a href="profile.php?uid=<?php echo $user['id']; ?>"><?php echo $user['username']; ?></a>
				</p>
				<?php
			}
			
			?>
		</div>
	</body>
</html>
activate.php 
<?php

include('core/init.inc.php');

if (isset($_GET['aid'])) {
	activate_account($_GET['aid']);
}

?>
<!DOCTYPE html>

<html lang="da">
<head>
        <meta charset="utf-8">
        <title></title>
	<link rel="stylesheet" type="text/css" href="ext/css/style.css" />

</head>
	<body>
		<p>
			Your account has been activated, you can now <a href="login.php">Log in</a>.
		</p>
	</body>
</html>
edit_profile.php 
<?php 

include('core/init.inc.php');

$user_info = fetch_user_info($_SESSION['uid']);

?>
<!DOCTYPE html>

<html lang="da">
<head>
        <meta charset="utf-8">
        <title>Edit Your Profile</title>
	<link rel="stylesheet" type="text/css" href="ext/css/style.css" />
	
</head>
	<body>
		<div>
			<?php
			


			?>
		</div>
		<form action="" method="post">
			<p>
				<label for="email">Email:</label>
				<input type="text" name="email" id="email" value="<?php echo $user_info['email']; ?>" />
			</p>
			<p>
				<label for="location">Location:</label>
				<input type="text" name="location" id="location" value="<?php echo $user_info['location']; ?>" />
			</p>
			<p>
				<label for="about">About Me:</label>
				<textarea name="about" id="about" rows="14" cols="50"><?php echo $user_info['about']; ?></textarea>
			</p>
			<p>
				<input type="submit" value="Update" />
			</p>
		</form>
	</body>
</html>
core/init.inc.php 
<?php

error_reporting(E_ALL);

session_start();

$exceptions = array('register', 'login', 'activate');

$page = substr(end(explode('/', $_SERVER['SCRIPT_NAME'])), 0, -4);

mysql_connect('SECRET!', 'SECRET!', 'SECRET!');
mysql_select_db('SECRET!');

$path = dirname(__FILE__);

include("{$path}/inc/user.inc.php");

if (isset($_COOKIE['username'], $_COOKIE['password']) && isset($_SESSION['username']) === false) {
	if (valid_credentials($_COOKIE['username'], $_COOKIE['password'])) {
		$_SESSION['username'] = htmlentities($_COOKIE['username']);
		
		setcookie('username', $_COOKIE['username'], time() + 604800);
		setcookie('password', $_COOKIE['password'], time() + 604800);
	}
}

if (in_array($page, $exceptions) === false) {
	if (isset($_SESSION['username']) === false) {
		header('Location: login.php');
		die();
	}
}

?>
core/inc/user_inc.php 
<?php

function fetch_current_user_id($username){
$username = mysql_real_escape_string($username);
$sql = 'SELECT `user_id` FROM `users` WHERE `user_name` = '{$username}'';
 
$result = mysql_query($sql);
 
return mysql_result($result, 0);
 
}

if(empty($_SESSION['uid'])) {
$_SESSION['uid'] = fetch_current_user_id($_SESSION['username']);

}

// fetches all of the users from the table.
function fetch_users() {
	$result = mysql_query('SELECT `user_id` AS `id`, `user_name` AS `username` FROM `users`');
	
	$users = array();
	
	while (($row = mysql_fetch_assoc($result)) !== false) {
		$users[] = $row;
	}	
	
	return $users;
}

// fetches profile infomation for the given user.
function fetch_user_info($uid) {
	$uid = (int)$uid;
	
	$sql = "SELECT
				`user_name` AS `username`,
				`user_firstname` AS `firstname`,
				`user_lastname` AS `lastname`,
				`user_email` AS `email`,
				`user_about` AS `about`,
				`user_location` AS `location`,
				`user_gender` AS `gender`
			FROM `users`
			WHERE `user_id` = {$uid}";
			
	$result = mysql_query($sql);
	
	return mysql_fetch_assoc($result);
}

// check if the given username exists in the database.
function user_exists($user) {
	$user 	= mysql_real_escape_string($user);
	
	$total 	= mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_name` = '{$user}'");
	
	return (mysql_result($total, 0) == '1') ? true : false;
}

// check if the given username and password combination is valid.
function valid_credentials($user, $pass) {
	$user 	= mysql_real_escape_string($user);
	$pass 	= mysql_real_escape_string($pass);
	
	$total 	= mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_name` = '{$user}' AND `user_password` = '{$pass}'");

	return (mysql_result($total, 0) == '1') ? true : false;
}

// checks is the given user account is active.
function is_active($user) {
	$user = mysql_real_escape_string($user);
	
	$sql = "SELECT
				COUNT(`user_activations`.`user_id`)
			FROM `users`
			INNER JOIN `user_activations`
			ON `users`.`user_id` = `user_activations`.`user_id`
			WHERE `users`.`user_name` = '{$user}'";
			
	$result = mysql_query($sql);
	
	return (mysql_result($result, 0) == '0') ? true : false;
}


// activates the account related to the given activation code.
function activate_account($aid) {
	$aid = mysql_real_escape_string($aid);
	
	mysql_query("DELETE FROM `user_activations` WHERE `activation_code` = '{$aid}'");
}

// adds a user to the database
function add_user($user, $email, $pass) {
	$user 	= mysql_real_escape_string(htmlentities($user));
	$email 	= mysql_real_escape_string($email);
	$pass 	= sha1($pass);
	
	$charset = array_flip(array_merge(range('a', 'z'), range('A', 'Z'), range('0', '9')));
	$aid = implode('', array_rand($charset, 10));
	
	$body = <<<EMAIL

	Hi,
	
	Thanks for registering, before you login you need to activate your account.
	
	To do that simply click the following link.
	
	http://dev.onslowdemolering.dk/activate.php?aid={$aid}

EMAIL;

	mail($email, 'Your new account at onslowdemolering.dk', $body, 'From: ekim@onslowdemolering.dk');
	
	mysql_query("INSERT INTO `users` (`user_name`, `user_password`, `user_email`) VALUES ('{$user}', '{$pass}', '{$email}')");
	
	$user_id = mysql_insert_id();
	
	mysql_query("INSERT INTO `user_activations` (`user_id`, `activation_code`) VALUES ({$user_id}, '{$aid}')");
}

?>

Re: User Profile with your login system.

Posted: Sat Feb 04, 2012 11:40 pm
by waleed3011
But i get an error here: 
function fetch_user_info($uid) {
        $uid = (int)$uid;
       
        $sql = "SELECT
                                `user_name` AS `username`,
                                `user_firstname` AS `firstname`,
                                `user_lastname` AS `lastname`,
                                `user_email` AS `email`,
                                `user_about` AS `about`,
                                `user_location` AS `location`,
                                `user_gender` AS `gender`
                        FROM `users`
                        WHERE `user_id` = {$uid}";
                       
        $result = mysql_query($sql);
       
        return mysql_fetch_assoc($result); //Error here - this is line 31 :S
}
The error says: Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in /home/techozin/public_html/multiligase/core/user.inc.php on line 31

Re: User Profile with your login system.

Posted: Sun Feb 05, 2012 9:54 am
by hys
waleed3011, please don't take the code try go true the tut vids.

i had to past all my code so he could help me.

Re: User Profile with your login system.

Posted: Sun Feb 05, 2012 9:57 am
by bowersbros
REally, you should make your own thread. But if you add 
echo mysql_error();
below your query line, it will give you what the problem is.

Most likely, Database or table name is incorrect. Or you are not connected to the database in that page.
All times are UTC
Page 2 of 3

Powered by phpBB® Forum Software © phpBB Limited