Connect this Gbook to my Login database.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Connect this Gbook to my Login database.

    Help me please. I saw this guest in the web. I like it coz its simple. I want it to connect to my login system database so that the user dont need to type his/her name into the guestbook everytime he likes to leave a message. The name that will appear in the guestbook is the one that he uses when he logged in.

    I think i need another field in my database called message and date for his the messages and for the time that he posted a message.

    PHP Code:
    <?php
    $host 
    "localhost";
    $user "username";
    $pass "password";
    $db "database";



    mysql_connect
    ($host$user$pass) OR die ("Could not connect to the server.");
    mysql_select_db($db) OR die
    (
    "Could not connect to the database.");

    $name stripslashes($_POST['txtName']);
    $message stripslashes($_POST['txtMessage']);

    if (!isset(
    $_POST['txtName'])) {

        
    $query "SELECT id, name, message, DATE_FORMAT
    (date, '%D %M, %Y @ %H:
    %i') as newdate FROM guests ORDER BY id DESC"
    ;
        
    $result mysql_query($query);

        while (
    $row mysql_fetch_object($result)) {

    ?>

    <p><strong><?php echo $row->message?></strong>
    <br />Posted by <?php echo $row->name?> on <?php echo $row->newdate?></p>

    <?php

        
    }

    ?>

    <p>Post a message</p>

    <form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">

        <p><label for="txtName">Name:</label><br />
        <input type="text" title="Enter your name" name="txtName" /></p>

        <p><label for="txtMessage">Your message:</label><br />
        <textarea title="Enter your message" name="txtMessage"></textarea></p>

        <p><label title="Send your message">
        <input type="submit" value="Send" /></label></p>

    </form>

    <?php

    }

    else {

        
    // Adds the new entry to the database
        
    $query "INSERT INTO guests SET message='$message', name='$name', date=NOW
    ()"
    ;
        
    $result mysql_query($query);

        
    // Takes us back to the entries
        
    $ref $_SERVER['HTTP_REFERER'];
        
    header ("Location: $ref");
    }

    ?>
    This is my current database.

    PHP Code:
     username varchar(30primary key,
     
    password varchar(32),
     
    userid varchar(32),
     
    userlevel tinyint(1unsigned not null,
     
    email varchar(50),
     
    timestamp int(11unsigned not null 
    Thanks.

    #2
    how does you login system looks like?
    Advertise your mobile site for FREE with AdTwirl

    Comment


      #3
      Heres my login system.

      PHP Code:
      <?

      <html>
      <title>Login Script</title>
      <body>

      <table>
      <tr><td>


      <?
      /**
       * User has already logged in, so display relavent links, including
       * a link to the admin center if the user is an administrator.
       */
      if($session->logged_in){
         echo "<h1>Logged In</h1>";
         echo "Welcome <b>$session->username</b>, you are logged in. <br><br>"
             ."[<a href=\"userinfo.php?user=$session->username\">My Account</a>] &nbsp;&nbsp;"
             ."[<a href=\"useredit.php\">Edit Account</a>] &nbsp;&nbsp;";
         if($session->isAdmin()){
            echo "[<a href=\"admin/admin.php\">Admin Center</a>] &nbsp;&nbsp;";
         }
         echo "[<a href=\"process.php\">Logout</a>]";
      }
      else{
      ?>

      <h1>Login</h1>
      <?
      /**
       * User not logged in, display the login form.
       * If user has already tried to login, but errors were
       * found, display the total number of errors.
       * If errors occurred, they will be displayed.
       */
      if($form->num_errors > 0){
         echo "<font size=\"2\" color=\"#ff0000\">".$form->num_errors." error(s) found</font>";
      }
      ?>
      <form action="process.php" method="POST">
      <table align="left" border="0" cellspacing="0" cellpadding="3">
      <tr><td>Username:</td><td><input type="text" name="user" maxlength="30" value="<? echo $form->value("user"); ?>"></td><td><? echo $form->error("user"); ?></td></tr>
      <tr><td>Password:</td><td><input type="password" name="pass" maxlength="30" value="<? echo $form->value("pass"); ?>"></td><td><? echo $form->error("pass"); ?></td></tr>
      <tr><td colspan="2" align="left"><input type="checkbox" name="remember" <? if($form->value("remember") != ""){ echo "checked"; } ?>>
      <font size="2">Remember me next time &nbsp;&nbsp;&nbsp;&nbsp;
      <input type="hidden" name="sublogin" value="1">
      <input type="submit" value="Login"></td></tr>
      <tr><td colspan="2" align="left"><br><font size="2">[<a href="forgotpass.php">Forgot Password?</a>]</font></td><td align="right"></td></tr>
      <tr><td colspan="2" align="left"><br>Not registered? <a href="register.php">Sign-Up!</a></td></tr>
      </table>
      </form>

      <?
      }

      /**
       * Just a little page footer, tells how many registered members
       * there are, how many users currently logged in and viewing site,
       * and how many guests viewing site. Active users are displayed,
       * with link to their user information.
       */
      echo "</td></tr><tr><td align=\"center\"><br><br>";
      echo "<b>Member Total:</b> ".$database->getNumMembers()."<br>";
      echo "There are $database->num_active_users registered members and ";
      echo "$database->num_active_guests guests viewing the site.<br><br>";

      include("include/view_active.php");

      ?>


      </td></tr>
      </table>


      </body>
      </html>
      I think you will need this.

      Process.php

      PHP Code:
      <?

      include("include/session.php");

      class Process
      {
         /* Class constructor */
         function Process(){
            global $session;
            /* User submitted login form */
            if(isset($_POST['sublogin'])){
               $this->procLogin();
            }
            /* User submitted registration form */
            else if(isset($_POST['subjoin'])){
               $this->procRegister();
            }
            /* User submitted forgot password form */
            else if(isset($_POST['subforgot'])){
               $this->procForgotPass();
            }
            /* User submitted edit account form */
            else if(isset($_POST['subedit'])){
               $this->procEditAccount();
            }
            /**
             * The only other reason user should be directed here
             * is if he wants to logout, which means user is
             * logged in currently.
             */
            else if($session->logged_in){
               $this->procLogout();
            }
            /**
             * Should not get here, which means user is viewing this page
             * by mistake and therefore is redirected.
             */
             else{
                header("Location: main.php");
             }
         }

         /**
          * procLogin - Processes the user submitted login form, if errors
          * are found, the user is redirected to correct the information,
          * if not, the user is effectively logged in to the system.
          */
         function procLogin(){
            global $session, $form;
            /* Login attempt */
            $retval = $session->login($_POST['user'], $_POST['pass'], isset($_POST['remember']));
            
            /* Login successful */
            if($retval){
               header("Location: ".$session->referrer);
            }
            /* Login failed */
            else{
               $_SESSION['value_array'] = $_POST;
               $_SESSION['error_array'] = $form->getErrorArray();
               header("Location: ".$session->referrer);
            }
         }
         
         /**
          * procLogout - Simply attempts to log the user out of the system
          * given that there is no logout form to process.
          */
         function procLogout(){
            global $session;
            $retval = $session->logout();
            header("Location: main.php");
         }
         
         /**
          * procRegister - Processes the user submitted registration form,
          * if errors are found, the user is redirected to correct the
          * information, if not, the user is effectively registered with
          * the system and an email is (optionally) sent to the newly
          * created user.
          */
         function procRegister(){
            global $session, $form;
            /* Convert username to all lowercase (by option) */
            if(ALL_LOWERCASE){
               $_POST['user'] = strtolower($_POST['user']);
            }
            /* Registration attempt */
            $retval = $session->register($_POST['user'], $_POST['pass'], $_POST['email']);
            
            /* Registration Successful */
            if($retval == 0){
               $_SESSION['reguname'] = $_POST['user'];
               $_SESSION['regsuccess'] = true;
               header("Location: ".$session->referrer);
            }
            /* Error found with form */
            else if($retval == 1){
               $_SESSION['value_array'] = $_POST;
               $_SESSION['error_array'] = $form->getErrorArray();
               header("Location: ".$session->referrer);
            }
            /* Registration attempt failed */
            else if($retval == 2){
               $_SESSION['reguname'] = $_POST['user'];
               $_SESSION['regsuccess'] = false;
               header("Location: ".$session->referrer);
            }
         }
         
         /**
          * procForgotPass - Validates the given username then if
          * everything is fine, a new password is generated and
          * emailed to the address the user gave on sign up.
          */
         function procForgotPass(){
            global $database, $session, $mailer, $form;
            /* Username error checking */
            $subuser = $_POST['user'];
            $field = "user";  //Use field name for username
            if(!$subuser || strlen($subuser = trim($subuser)) == 0){
               $form->setError($field, "* Username not entered<br>");
            }
            else{
               /* Make sure username is in database */
               $subuser = stripslashes($subuser);
               if(strlen($subuser) < 5 || strlen($subuser) > 30 ||
                  !eregi("^([0-9a-z])+$", $subuser) ||
                  (!$database->usernameTaken($subuser))){
                  $form->setError($field, "* Username does not exist<br>");
               }
            }
            
            /* Errors exist, have user correct them */
            if($form->num_errors > 0){
               $_SESSION['value_array'] = $_POST;
               $_SESSION['error_array'] = $form->getErrorArray();
            }
            /* Generate new password and email it to user */
            else{
               /* Generate new password */
               $newpass = $session->generateRandStr(8);
               
               /* Get email of user */
               $usrinf = $database->getUserInfo($subuser);
               $email  = $usrinf['email'];
               
               /* Attempt to send the email with new password */
               if($mailer->sendNewPass($subuser,$email,$newpass)){
                  /* Email sent, update database */
                  $database->updateUserField($subuser, "password", md5($newpass));
                  $_SESSION['forgotpass'] = true;
               }
               /* Email failure, do not change password */
               else{
                  $_SESSION['forgotpass'] = false;
               }
            }
            
            header("Location: ".$session->referrer);
         }
         
         /**
          * procEditAccount - Attempts to edit the user's account
          * information, including the password, which must be verified
          * before a change is made.
          */
         function procEditAccount(){
            global $session, $form;
            /* Account edit attempt */
            $retval = $session->editAccount($_POST['curpass'], $_POST['newpass'], $_POST['email']);

            /* Account edit successful */
            if($retval){
               $_SESSION['useredit'] = true;
               header("Location: ".$session->referrer);
            }
            /* Error found with form */
            else{
               $_SESSION['value_array'] = $_POST;
               $_SESSION['error_array'] = $form->getErrorArray();
               header("Location: ".$session->referrer);
            }
         }
      };

      /* Initialize process */
      $process = new Process;

      ?>

      Comment


        #4
        PHP Code:
        <? 
        if($session->logged_in){//SSESSION

        $host = "localhost"; 
        $user = "username"; 
        $pass = "password"; 
        $db = "database"; 



        mysql_connect 
        ($host, $user, $pass) OR die ("Could not connect to the server."); 
        mysql_select_db($db) OR die 
        ("Could not connect to the database."); 

        $name = stripslashes($_POST['txtName']); 
        $message = stripslashes($_POST['txtMessage']); 

        if (!isset($_POST['txtName'])) { 

            $query = "SELECT id, name, message, DATE_FORMAT 
        (date, '%D %M, %Y @ %H: 
        %i') as newdate FROM guests ORDER BY id DESC"; 
            $result = mysql_query($query); 

            while ($row = mysql_fetch_object($result)) { 

        ?> 

        <p><strong><?php echo $row->message?></strong> 
        <br />Posted by <?php echo $row->name?> on <?php echo $row->newdate?></p> 

        <?php 

            


        ?> 

        <p>Post a message</p> 

        <form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>"> 

            <p><label for="txtName">Name:</label><br /> 
            <input type="text" title="Enter your name" name="txtName" /></p> 

            <p><label for="txtMessage">Your message:</label><br /> 
            <textarea title="Enter your message" name="txtMessage"></textarea></p> 

            <p><label title="Send your message"> 
            <input type="submit" value="Send" /></label></p> 

        </form> 

        <?php 



        else { 

            
        // Adds the new entry to the database 
            
        $query "INSERT INTO guests SET message='$message', name='$name', date=NOW 
        ()"

            
        $result mysql_query($query); 

            
        // Takes us back to the entries 
            
        $ref $_SERVER['HTTP_REFERER']; 
            
        header ("Location: $ref"); 
        }


        }
        //SESSION
        Advertise your mobile site for FREE with AdTwirl

        Comment


          #5
          What i meant is when the member wants to post a message, there is no need for him to type his name. Because the username he used to logged in will be the one that is automatically use in the guestbook. It not actually a guestbook coz its not for the guest, its for the members.

          I think the form has to be something like this.

          PHP Code:
          <form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">

              Name: <?php echo $session->username?><br />

              <p><label for="txtMessage">Your message:</label><br />
              <textarea title="Enter your message" name="txtMessage"></textarea></p>

              <p><label title="Send your message">
              <input type="submit" value="Send" /></label></p>

          </form>
          But i dont know what to do with this.

          PHP Code:
          $name stripslashes($_POST['txtName']);  
          $message stripslashes($_POST['txtMessage']);  

          if (!isset(
          $_POST['txtName'])) {  

              
          $query "SELECT id, name, message, DATE_FORMAT  
          (date, '%D %M, %Y @ %H:  
          %i') as newdate FROM guests ORDER BY id DESC"
          ;  
              
          $result mysql_query($query); 
          Last edited by infested13; 23.03.09, 14:45.

          Comment


            #6
            PHP Code:
            $name stripslashes($session->username); 
            Advertise your mobile site for FREE with AdTwirl

            Comment

            Working...
            X