Jump to content
xisto Community

amrytech

Members
  • Content Count

    5
  • Joined

  • Last visited

Everything posted by amrytech

  1. really!!!.. owh no. okey i try use php4 can use eastphp 3.0?
  2. actually, this code i get from my friend. i want built the system web base for my final project. the code for open userthe problem is i use in easyphp. when i login as admin, page loading not function. still at current page. i test code at DSV PHP editor. not error.so i no idea to solving the problem
  3. i want study the connection database and security user lever. but failerany body help me, where the problem is.here the code <?php/********************************************************************************* * Filename: common.php * PHP 4.0 *********************************************************************************/error_reporting (E_ALL ^ E_NOTICE);//===============================// Database Connection Definition//-------------------------------//Philmar Online Rent-a-Car Connection begininclude("./db_mysql.inc");define("DATABASE_NAME","car");define("DATABASE_USER","root");define("DATABASE_PASSWORD","");define("DATABASE_HOST","localhost");// Database Initialize$db = new DB_Sql();$db->Database = DATABASE_NAME;$db->User = DATABASE_USER;$db->Password = DATABASE_PASSWORD;$db->Host = DATABASE_HOST;// Philmar Online Rent-a-Car Connection end//===============================// Site Initialization//-------------------------------// Obtain the path where this site is located on the server//-------------------------------$app_path = ".";//-------------------------------// Create Header and Footer Path variables//-------------------------------$header_filename = "Header.html";$footer_filename = "Footer.html";//===============================//===============================// Common functions//-------------------------------// Convert non-standard characters to HTML//-------------------------------function tohtml($strValue){ return htmlspecialchars($strValue);}//-------------------------------// Convert value to URL//-------------------------------function tourl($strValue){ return urlencode($strValue);}//-------------------------------// Obtain specific URL Parameter from URL string//-------------------------------function get_param($param_name){ global $HTTP_POST_VARS; global $HTTP_GET_VARS; $param_value = ""; if(isset($HTTP_POST_VARS[$param_name])) $param_value = $HTTP_POST_VARS[$param_name]; else if(isset($HTTP_GET_VARS[$param_name])) $param_value = $HTTP_GET_VARS[$param_name]; return $param_value;}function get_session($param_name){ global $HTTP_POST_VARS; global $HTTP_GET_VARS; global ${$param_name}; $param_value = ""; if(!isset($HTTP_POST_VARS[$param_name]) && !isset($HTTP_GET_VARS[$param_name]) && session_is_registered($param_name)) $param_value = ${$param_name}; return $param_value;}function set_session($param_name, $param_value){ global ${$param_name}; if(session_is_registered($param_name)) session_unregister($param_name); ${$param_name} = $param_value; session_register($param_name);}function is_number($string_value){ if(is_numeric($string_value) || !strlen($string_value)) return true; else return false;}//-------------------------------// Convert value for use with SQL statament//-------------------------------function tosql($value, $type){ if(!strlen($value)) return "NULL"; else if($type == "Number") return str_replace (",", ".", doubleval($value)); else { if(get_magic_quotes_gpc() == 0) { $value = str_replace("'","''",$value); $value = str_replace("\\","\\\\",$value); } else { $value = str_replace("\\'","''",$value); $value = str_replace("\\\"","\"",$value); } return "'" . $value . "'"; }}function strip($value){ if(get_magic_quotes_gpc() == 0) return $value; else return stripslashes($value);}function db_fill_array($sql_query){ global $db; $db_fill = new DB_Sql(); $db_fill->Database = $db->Database; $db_fill->User = $db->User; $db_fill->Password = $db->Password; $db_fill->Host = $db->Host; $db_fill->query($sql_query); if ($db_fill->next_record()) { do { $ar_lookup[$db_fill->f(0)] = $db_fill->f(1); } while ($db_fill->next_record()); return $ar_lookup; } else return false;}//-------------------------------// Deprecated function - use get_db_value($sql)//-------------------------------function dlookup($table_name, $field_name, $where_condition){ $sql = "SELECT " . $field_name . " FROM " . $table_name . " WHERE " . $where_condition; return get_db_value($sql);}//-------------------------------// Lookup field in the database based on SQL query//-------------------------------function get_db_value($sql){ global $db; $db_look = new DB_Sql(); $db_look->Database = $db->Database; $db_look->User = $db->User; $db_look->Password = $db->Password; $db_look->Host = $db->Host; $db_look->query($sql); if($db_look->next_record()) return $db_look->f(0); else return "";}//-------------------------------// Obtain Checkbox value depending on field type//-------------------------------function get_checkbox_value($value, $checked_value, $unchecked_value, $type){ if(!strlen($value)) return tosql($unchecked_value, $type); else return tosql($checked_value, $type);}//-------------------------------// Obtain lookup value from array containing List Of Values//-------------------------------function get_lov_value($value, $array){ $return_result = ""; if(sizeof($array) % 2 != 0) $array_length = sizeof($array) - 1; else $array_length = sizeof($array); for($i = 0; $i < $array_length; $i = $i + 2) { if($value == $array[$i]) $return_result = $array[$i+1]; } return $return_result;}//-------------------------------// Verify user's security level and redirect to login page if needed//-------------------------------function check_security($security_level){ global $UserRights; if(!session_is_registered("UserID")) header ("Location: Login.php?querystring=" . urlencode(getenv("QUERY_STRING")) . "&ret_page=" . urlencode(getenv("REQUEST_URI"))); else if(!session_is_registered("UserRights") || $UserRights < $security_level) header ("Location: Login.php?querystring=" . urlencode(getenv("QUERY_STRING")) . "&ret_page=" . urlencode(getenv("REQUEST_URI")));}//===============================// GlobalFuncs begin// GlobalFuncs end//===============================?>and -------<?phpclass DB_Sql { /* public: connection parameters */ var $Host = ""; <--------------------------------------// necessary for me include data here!!!!!! var $Database = ""; var $User = ""; var $Password = ""; /* public: configuration parameters */ var $Auto_Free = 0; ## Set to 1 for automatic mysql_free_result() var $Debug = 0; ## Set to 1 for debugging messages. var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore errror, but spit a warning) var $Seq_Table = "db_sequence"; /* public: result array and current row number */ var $Record = array(); var $Row; /* public: current error number and error text */ var $Errno = 0; var $Error = ""; /* public: this is an api revision, not a CVS revision. */ var $type = "mysql"; var $revision = "1.2"; /* private: link and query handles */ var $Link_ID = 0; var $Query_ID = 0; /* public: constructor */ function DB_Sql($query = "") { $this->query($query); } /* public: some trivial reporting */ function link_id() { return $this->Link_ID; } function query_id() { return $this->Query_ID; } /* public: connection management */ function connect($Database = "", $Host = "", $User = "", $Password = "") <---------- // necessary for me include data here!!!!!!{ /* Handle defaults */ if ("" == $Database) $Database = $this->Database; if ("" == $Host) $Host = $this->Host; if ("" == $User) $User = $this->User; if ("" == $Password) $Password = $this->Password; /* establish connection, select database */ if ( 0 == $this->Link_ID ) { $this->Link_ID=mysql_pconnect($Host, $User, $Password); if (!$this->Link_ID) { $this->halt("connect($Host, $User, \$Password) failed."); return 0; } if (!@mysql_select_db($Database,$this->Link_ID)) { $this->halt("cannot use database ".$this->Database); return 0; } } return $this->Link_ID; } /* public: discard the query result */ function free() { @mysql_free_result($this->Query_ID); $this->Query_ID = 0; } /* public: perform a query */ function query($Query_String) { /* No empty queries, please, since PHP4 chokes on them. */ if ($Query_String == "") /* The empty query string is passed on from the constructor, * when calling the class without a query, e.g. in situations * like these: '$db = new DB_Sql_Subclass;' */ return 0; if (!$this->connect()) { return 0; /* we already complained in connect() about that. */ }; # New query, discard previous result. if ($this->Query_ID) { $this->free(); } if ($this->Debug) printf("Debug: query = %s<br>\n", $Query_String); $this->Query_ID = @mysql_query($Query_String,$this->Link_ID); $this->Row = 0; $this->Errno = mysql_errno(); $this->Error = mysql_error(); if (!$this->Query_ID) { $this->halt("Invalid SQL: ".$Query_String); } # Will return nada if it fails. That's fine. return $this->Query_ID; } /* public: walk result set */ function next_record() { if (!$this->Query_ID) { $this->halt("next_record called with no query pending."); return 0; } $this->Record = @mysql_fetch_array($this->Query_ID); $this->Row += 1; $this->Errno = mysql_errno(); $this->Error = mysql_error(); $stat = is_array($this->Record); if (!$stat && $this->Auto_Free) { $this->free(); } return $stat; } /* public: position in result set */ function seek($pos = 0) { $status = @mysql_data_seek($this->Query_ID, $pos); if ($status) $this->Row = $pos; else { $this->halt("seek($pos) failed: result has ".$this->num_rows()." rows"); /* half assed attempt to save the day, * but do not consider this documented or even * desireable behaviour. */ @mysql_data_seek($this->Query_ID, $this->num_rows()); $this->Row = $this->num_rows; return 0; } return 1; } /* public: table locking */ function lock($table, $mode="write") { $this->connect(); $query="lock tables "; if (is_array($table)) { while (list($key,$value)=each($table)) { if ($key=="read" && $key!=0) { $query.="$value read, "; } else { $query.="$value $mode, "; } } $query=substr($query,0,-2); } else { $query.="$table $mode"; } $res = @mysql_query($query, $this->Link_ID); if (!$res) { $this->halt("lock($table, $mode) failed."); return 0; } return $res; } function unlock() { $this->connect(); $res = @mysql_query("unlock tables"); if (!$res) { $this->halt("unlock() failed."); return 0; } return $res; } /* public: evaluate the result (size, width) */ function affected_rows() { return @mysql_affected_rows($this->Link_ID); } function num_rows() { return @mysql_num_rows($this->Query_ID); } function num_fields() { return @mysql_num_fields($this->Query_ID); } /* public: shorthand notation */ function nf() { return $this->num_rows(); } function np() { print $this->num_rows(); } function f($Name) { if(isset($this->Record[$Name])) return $this->Record[$Name]; else return ""; } function p($Name) { print $this->Record[$Name]; } /* public: sequence numbers */ function nextid($seq_name) { $this->connect(); if ($this->lock($this->Seq_Table)) { /* get sequence number (locked) and increment */ $q = sprintf("select nextid from %s where seq_name = '%s'", $this->Seq_Table, $seq_name); $id = @mysql_query($q, $this->Link_ID); $res = @mysql_fetch_array($id); /* No current value, make one */ if (!is_array($res)) { $currentid = 0; $q = sprintf("insert into %s values('%s', %s)", $this->Seq_Table, $seq_name, $currentid); $id = @mysql_query($q, $this->Link_ID); } else { $currentid = $res["nextid"]; } $nextid = $currentid + 1; $q = sprintf("update %s set nextid = '%s' where seq_name = '%s'", $this->Seq_Table, $nextid, $seq_name); $id = @mysql_query($q, $this->Link_ID); $this->unlock(); } else { $this->halt("cannot lock ".$this->Seq_Table." - has it been created?"); return 0; } return $nextid; } /* public: return table metadata */ function metadata($table='',$full=false) { $count = 0; $id = 0; $res = array(); /* * Due to compatibility problems with Table we changed the behavior * of metadata(); * depending on $full, metadata returns the following values: * * - full is false (default): * $result[]: * [0]["table"] table name * [0]["name"] field name * [0]["type"] field type * [0]["len"] field length * [0]["flags"] field flags * * - full is true * $result[]: * ["num_fields"] number of metadata records * [0]["table"] table name * [0]["name"] field name * [0]["type"] field type * [0]["len"] field length * [0]["flags"] field flags * ["meta"][field name] index of field named "field name" * The last one is used, if you have a field name, but no index. * Test: if (isset($result['meta']['myfield'])) { ... */ // if no $table specified, assume that we are working with a query // result if ($table) { $this->connect(); $id = @mysql_list_fields($this->Database, $table); if (!$id) $this->halt("Metadata query failed."); } else { $id = $this->Query_ID; if (!$id) $this->halt("No query specified."); } $count = @mysql_num_fields($id); // made this IF due to performance (one if is faster than $count if's) if (!$full) { for ($i=0; $i<$count; $i++) { $res[$i]["table"] = @mysql_field_table ($id, $i); $res[$i]["name"] = @mysql_field_name ($id, $i); $res[$i]["type"] = @mysql_field_type ($id, $i); $res[$i]["len"] = @mysql_field_len ($id, $i); $res[$i]["flags"] = @mysql_field_flags ($id, $i); } } else { // full $res["num_fields"]= $count; for ($i=0; $i<$count; $i++) { $res[$i]["table"] = @mysql_field_table ($id, $i); $res[$i]["name"] = @mysql_field_name ($id, $i); $res[$i]["type"] = @mysql_field_type ($id, $i); $res[$i]["len"] = @mysql_field_len ($id, $i); $res[$i]["flags"] = @mysql_field_flags ($id, $i); $res["meta"][$res[$i]["name"]] = $i; } } // free the result only if we were called on a table if ($table) @mysql_free_result($id); return $res; } /* private: error handling */ function halt($msg) { $this->Error = @mysql_error($this->Link_ID); $this->Errno = @mysql_errno($this->Link_ID); if ($this->Halt_On_Error == "no") return; $this->haltmsg($msg); if ($this->Halt_On_Error != "report") die("Session halted."); } function haltmsg($msg) { printf("</td></tr></table><b>Database error:</b> %s<br>\n", $msg); printf("<b>MySQL Error</b>: %s (%s)<br>\n", $this->Errno, $this->Error); } function table_names() { $this->query("SHOW TABLES"); $i=0; while ($info=mysql_fetch_row($this->Query_ID)) { $return[$i]["table_name"]= $info[0]; $return[$i]["tablespace_name"]=$this->Database; $return[$i]["database"]=$this->Database; $i++; } return $return; }}?>
  4. i want create web base sistem. this is login code. but the code have error. help me. the problem is when click login button, next page can not view but the same page view. login.php <?php/********************************************************************************* * Filename: Login.php * PHP 4.0 *********************************************************************************///-------------------------------// Login CustomIncludes begininclude ("./common.php");include ("./Header.php");include ("./Footer.php");// Login CustomIncludes end//-------------------------------session_start();//===============================// Save Page and File Name available into variables//-------------------------------$sFileName = "Login.php";//===============================//===============================// Login PageSecurity begin// Login PageSecurity end//===============================//===============================// Login Open Event begin// Login Open Event end//===============================//===============================// Login OpenAnyPage Event start// Login OpenAnyPage Event end//===============================//===============================//Save the name of the form and type of action into the variables//-------------------------------$sAction = get_param("FormAction");$sForm = get_param("FormName");//===============================// Login Show begin//===============================// Perform the form's action//-------------------------------// Initialize error variables//-------------------------------$sLoginErr = "";//-------------------------------// Select the FormAction//-------------------------------switch ($sForm) { case "Login": Login_action($sAction); break;}//===============================//===============================// Display page//===============================// HTML Page layout//-------------------------------?><html><head><title>Philmar Online Rent-a-Car</title><meta name="GENERATOR" content="Philmar"><meta http-equiv="pragma" content="no-cache"><meta http-equiv="expires" content="0"><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"></head><body style="background-color: #FFFFFF; color: #000000; font-family: Arial, Tahoma, Verdana, Helveticabackground-color: #FFFFFF; color: #000000; font-family: Arial, Tahoma, Verdana, Helvetica"><center> <table> <tr> <td valign="top"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>Philmar Online Rent-a-Car</title><script language="JavaScript" type="text/JavaScript"><!--function MM_preloadImages() { //v3.0 var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}}function MM_swapImgRestore() { //v3.0 var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;}function MM_findObj(n, d) { //v4.01 var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) { d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);} if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n]; for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x;}function MM_swapImage() { //v3.0 var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}}//--></script></head><body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" onLoad="MM_preloadImages('images/mazda6_1.jpg','images/home_2.jpg','images/aboutus_2.jpg','images/contactus_2.jpg')"><table width="778" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td><img src="images/header1.jpg" width="778" height="110"></td> </tr></table><table width="778" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td width="55"><img src="images/header2.jpg" width="55" height="43"></td> <td width ="17"><a href="default.php" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('home','','images/home_2.jpg',1)"><img src="images/home_1.jpg" alt="home" name="home" width="63" height="43" border="0"></a></td> <td width ="114" valign="middle"><a href="about.php" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('aboutphilmar','','images/aboutus_2.jpg',1)"><img src="images/aboutus_1.jpg" alt="aboutphilmar" name="aboutphilmar" width="114" height="43" border="0"></a></td> <td width ="111"><a href="contact.php" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('contactus','','images/contactus_2.jpg',1)"><img src="images/contactus_1.jpg" alt="contactus" name="contactus" width="108" height="43" border="0"></a></td> <td width ="455"><img src="images/header3.jpg" width="438" height="43"></td> </tr></table><table width="778" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td width="55"><img src="images/header4.jpg" width="55" height="48"></td> <td> </td> <td width="438"><img src="images/header5.jpg" width="438" height="48"></td> </tr></table></body></html> <?php Menu_show() ?> </td> </tr> </table></center><table width="760" align="center"><tr> <td align="center"><hr color="#800000"><center> <table> <tr> <td valign="top"><?php Login_show() ?> </td> </tr> </table><hr color="#800000" width="60%"></td></tr></table><center> <table> <tr> <td valign="top"><?php Footer_show() ?> </td> </tr> </table> </center></body></html><?php// Login Show end//===============================// Login Close Event begin// Login Close Event end//===============================//********************************************************************************//===============================// Login Form Action//-------------------------------function Login_action($sAction){ global $db; global $sLoginErr; global $sFileName; global $styles; switch(strtolower($sAction)) { case "login"://-------------------------------// Login Login begin//------------------------------- $sLogin = get_param("Login"); $sPassword = get_param("Password"); $db->query("SELECT member_id,member_level FROM members WHERE member_login =" . tosql($sLogin, "Text") . " AND member_password=" . tosql($sPassword, "Text")); $is_passed = $db->next_record();//-------------------------------// Login OnLogin Event begin// Login OnLogin Event end//------------------------------- if($is_passed) {//-------------------------------// Login and password passed//------------------------------- set_session("UserID", $db->f("member_id")); set_session("UserRights", $db->f("member_level")); $sPage = get_param("ret_page"); if (strlen($sPage)) header("Location: " . $sPage); else header("Location: Reservation.php"); } else { $sLoginErr = "Login or Password is incorrect."; }//-------------------------------// Login Login end//------------------------------- break; case "logout"://-------------------------------// Logout action//-------------------------------//-------------------------------// Login Logout begin//-------------------------------//-------------------------------// Login OnLogout Event begin// Login OnLogout Event end//------------------------------- session_unregister("UserID"); session_unregister("UserRights"); if(strlen(get_param("ret_page"))) header("Location:" . $sFileName . "?ret_page=" . urlencode(get_param("ret_page"))); else header("Location:" . $sFileName);//-------------------------------// Login Logout end//------------------------------- break; }}//===============================//===============================// Display Login Form//-------------------------------function Login_show(){ global $sLoginErr; global $db; global $sFileName; global $styles; $querystring = get_param("querystring"); $ret_page = get_param("ret_page"); $sFormTitle = "Enter username and password";//-------------------------------// Login Show begin//-------------------------------//-------------------------------// Login Open Event begin// Login Open Event end//------------------------------- ?> <table style="width:100%"> <form action="<?= $sFileName ?>" method="POST"> <input type="hidden" name="FormName" value="Login"> <tr><td style="background-color: #336699; text-align: Center; border-style: outset; border-width: 1" colspan="2"><font style="font-size: 10pt; color: #FFFFFF; font-weight: bold"><?=$sFormTitle?></font></td></tr> <? if ($sLoginErr) { ?> <tr><td colspan="2" style="background-color: #FFFFFF; border-width: 1"><font style="font-size: 10pt; color: #000000"><?= $sLoginErr ?></font></td></tr> <? } ?> <? if(get_session("UserID") == "") {//-------------------------------//- User is not logged in//-------------------------------?> <tr><td style="background-color: #FFEAC5; border-style: inset; border-width: 0"><font style="font-size: 10pt; color: #000000">Login</font></td><td style="background-color: #FFFFFF; border-width: 1"> <input type="text" name="Login" value="<?=tohtml(get_param("Login"))?>" maxlength="50"?>" maxlength="50"></td></tr> <tr><td style="background-color: #FFEAC5; border-style: inset; border-width: 0"><font style="font-size: 10pt; color: #000000">Password</font></td><td style="background-color: #FFFFFF; border-width: 1"><input type="password" name="Password" maxlength="50"></td></tr> <tr><td colspan="2"> <input type="hidden" name="FormAction" value="login"> <input type="submit" value="Login"> </td></tr> <? } else {//-------------------------------// User is logged in//------------------------------- $db->query("SELECT member_login FROM members WHERE member_id=". get_session("UserID")); $db->next_record();?> <tr><td style="background-color: #FFFFFF; border-width: 1"><font style="font-size: 10pt; color: #000000"> <?= $db->f("member_login") ?></font> <input type="hidden" name="FormAction" value="logout"> <input type="submit" value="Logout"> </td></tr><? }?> <input type="hidden" name="ret_page" value="<?= $ret_page ?>"><input type="hidden" name="querystring" value="<?= $querystring ?>"></td></tr> </form></table><?//-------------------------------// Login Close Event begin// Login Close Event end//-------------------------------//-------------------------------// Login Show end//-------------------------------}//===============================?>
×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.