PDA

View Full Version : would like to allow the logged in user to perform the following actions


Josh
11-08-2010, 02:38 PM
Hi,

I'm creating a talent website,

All my content is done. I've created a register, login and logout scripts, and added a my accounts tab which only that user can view. all the databases are linked and everything works fine.

this is the process in which I would like the user to be able to enter into a competition.

user finds the competition they want to enter, clicks "enter now" (the user can only get passed this page if they are logged in.)
when they are in, they get directed to the paypal page where they pay the fee. once it is paid they are re-directed to a file uploads page, (which I've already created) they can then upload their file to my server. when it is uploaded I would like an email to be sent to the email address they used on registering, confirming their entry.

Now when they upload their file, I would like to be able to know which username the file has come from.

all of this is the basic process of what I'd like for the moment, just to get started, I would like to be more advanced later with things like when they upload their file and they've entered the competition it tells them in their profile that they have entered that competition etc.

but for the moment, I would just like to have the basic process up and running.

please please please please could somebody point me in the right direction to achieving this. Any help, advice is much appreciated.

I hope that it's not too difficult.

Thank you,

Josh.

davidj
11-08-2010, 03:08 PM
if you have this functionality in place then its simple

when the user logs in capture this info from the login form or from a database query when you check their access in the db. Store it in a session and then re use it in your upload page so its inserted in the uploaded table in your db

Simples

Josh
11-08-2010, 04:16 PM
im sorry it sounds simple but to me I find it hard to understand where I put all this information, and what to do with it.

when the user clicks enter competition, i've put a check to see if the user is logged in or not, if they aren't, they get an error,

when they log in successfully, how do I make it so that it directs them to a page where I will have the pay now button, which after being paid, it will take them to the upload page.
as for re using the sessions so it's inserted in the uploaded table I'm not sure what that means.

this is the PHP code i have that checks the user is logged in.


<?php
session_start();
if ($_SESSION['username'])
echo "Welcome, ".$_SESSION['username']."!";
else
echo ("You are not logged in");
?>


i then want it to take them to a new page where they can pay a fee via paypal, and then it directs them to the upload page, which if they try to go directly to the upload page by just typing in the url, without paying the fee, then I need it to check that the user has paid.

i'm starting to confuse myself here.

sorry if this is all simple stuff, i'm a complete beginner.

Thanks,

Josh.

davidj
11-08-2010, 04:34 PM
when you login store the user info in a session

on the upload page just test that the session is set and bounce them back if its not...

session_start();

if(!isset($_SESSION['username'])){

header('location:index.php');
exit;

}


paste the above into a file and include it in every page which you need protecting

Josh
11-08-2010, 07:59 PM
ok i've logged in,

this is my form code for the "enter competition" button,

<form action='entercomp.php' method='POST'>
<p align="center">
<p align="center">
<input type='submit' value='ENTER COMPETITION'>


</form>


when i hit enter, it takes me to the entercomp.php page, this is the code for that



<?php
session_start();
if (isset($_SESSION['username']))
{
header('Location:http://www.onlinestage.co.uk/paynow.php');
}
else
echo "You are not logged in";
?>


if I am not logged in, then it tells me that i'm not logged in.

If I am logged in, it takes me to the entercomp.php page, and is blank.

but I've directed it to the paynow.php but it doesn't go there,

what's wrong with it?

Josh

davidj
11-08-2010, 09:27 PM
you need to look at my code more closely

you have missed stuff

Josh
11-09-2010, 12:53 AM
sorry I don't get it, given up, I need step by step guides. I know this is all easy stuff to you, but It's very annoying. I just can't see what goes where.

I've not got anywhere.

I've logged in, ok thats my session set.

now I want to make a button, that says ENTER COMPETITION, but on pressing that button I need it to check that the user is logged in, if they are logged in, when they press it, it takes them to the payment page. which they can then make a payment, and then it redirects them to the uploads page. when they upload the file, their username gets sent to me so I know who it's coming from.

if they are not logged in, they dont get access to the payment page, but an error on the same page saying "You Must Login First"

if I need to pay somebody to do this for me, I would be willing to do that, however I will give this another go tomorrow but It's very stressful when your not too sure what you're doing.

sorry dj, I appreciate your help, it's just hard for me to grasp where everything is supposed to fit. when you say create a file and put that php code into it, how do I link it, where etc etc. It's just confusing.

Arghhhhhhhhhhhhhhhhhhhhhhhhh

That's the login.php script


<?php

session_start();

$username = $_POST['username'];
$password = $_POST['password'];

if ($username&&$password)
{

$connect = mysql_connect("dummytext","dummytext","dummytext") or die ("couldn't connect!");
mysql_select_db("makeyoua_phplogin") or die ("couldn't find db");

$query = mysql_query("SELECT * FROM users WHERE username='$username'");

$numrows = mysql_num_rows($query);

if ($numrows!=0)
{

while ($row = mysql_fetch_assoc($query))

{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
// check to see if they match
if ($username==$dbusername&&md5($password)==$dbpassword)
{

$_SESSION['username']=$username;
header("Location: member.php");
exit();

}

else
echo "Incorrect Password!";

}

else
die("That user doesn't exist");
}

else
die("Please enter the correct username and password!");



?>



This is the member.php script which gets activated when the user tries to log in.

<?php

session_start();

if ($_SESSION['username'])

echo "Welcome, ".$_SESSION['username']."!";

else

echo ("You are not logged in");

?>


my enter competition button will be on a page called Sport.php



Josh.

davidj
11-09-2010, 05:38 AM
contact me through http://codezenith.co.uk

Josh
11-09-2010, 05:49 PM
Hi David, i'm getting there.

to try and avoid you having to go out of your way to help me on skype.

I'm at the point where if i'm logged in, I can access the page, but if i'm not logged in. when I press the button, the page just goes blank.


<?php
session_start();
if(!isset($_SESSION['username'])){
header("location:login.php");
exit;
}

?>


this is the form for when I click the ENTER COMPETITION button, the above code is checked
which is located at the top of the entercomp.php file


<form id="form1" name="form1" method="post" action="entercomp.php">
<input name="submit" type="submit" value="ENTER COMPETITION" />
</form>


if I am not logged in, it should take me to the login.html page, but instead it just goes blank.

so something is not quite right.

Thanks,

Josh.

Josh
11-09-2010, 06:21 PM
IVE DONE IT I THINK!! WOOHOO!!

i put this code at the top of the page i want to protect



<?php
//Start session
session_start();
//Check whether the session variable
//SESS_MEMBER_ID is present or not
if(!isset($_SESSION['username']) ||
(trim($_SESSION['username'])=='')) {
header("location: register.php");
exit();
}
?>


why do you think that this made it work?

thank you for your David, I think i've done it, it directs me to the register page now if the user isn't logged in.

and it shows the code if the user is logged in.

Thanks,

Josh.

davidj
11-09-2010, 07:15 PM
good

excellent work