Php Failure Help

[Jesse 0]

Hi, I need some help with a PHP Script that I am doing for my website members area. I have the login page and registration all done. And when someone is trying to sign up they get this information:

Warning: fopen(users.php): failed to open stream: Permission denied in /home/zcnet/public_html/members/addUser.php on line 182
Warning: fwrite(): supplied argument is not a valid stream resource in /home/zcnet/public_html/members/addUser.php on line 185

Warning: fclose(): supplied argument is not a valid stream resource in /home/zcnet/public_html/members/addUser.php on line 188

Warning: Cannot modify header information - headers already sent by (output started at /home/zcnet/public_html/members/addUser.php:8) in /home/zcnet/public_html/members/addUser.php on line 191

Any help on this would be grateful.

[Florisjuh 0]

Hmm, showing the error returning part of your script would be nice, since these debug messages don't give to much usefull information...Have you checked if all the variables you use are correctly typed?

[Jesse 0]

Yeah of course it would sorry. Here is a copy of the Script.

<?php

// Dont allow members to go to add user page
if(@$_SESSION['user']) header("location: login.php");
elseif(@$_POST['user']){
// Get and set vars (without html characters)
$user = htmlspecialchars(strtolower($_POST["user"]));
$pass = htmlspecialchars($_POST["pass"]);
$permission = 0;  // Default: user, until admin changes
$email = htmlspecialchars($_POST["email"]);
$url = htmlspecialchars($_POST["url"]);

// Add dots to date
if($_POST["day"]) $dob = $_POST["day"]. ".". $_POST["month"]. ".". $_POST["year"];
else $dob = false;

$location = htmlspecialchars($_POST["location"]);
$joined = $_POST["joined"];

// Create the string to append
$string = "\r\n". $user. "<del>". md5($pass). "<del>". $permission. "<del>". $email. "<del>". $url. "<del>". $dob. "<del>". $location. "<del>". $joined;

// Make sure username doesn't already exist
//-----------------------------------------
// Include the flat-file
$file = file("users.php") or die("Problem getting the user details flat-file [users.php]");

// Get the size of file
$totalLines = sizeof($file);

// Get the users details line by line
$line = 0;
$match = 0;
do{
  // Check the line isn't a comment
  if("//" != substr($file[$line], 0, 2)){
  // Break our records up
  @list($username, $password, $permission, $email, $url, $dob, $location, $joined) = explode("<del>", $file[$line]);

  // Check the username and passwords match
  if((strtolower($user) == strtolower($username))) $match = 1;
  else $match = 0;
  }

  // Exit loop if match found
  if($match) break;
 
  // Increment line count
  $line++;
} while($line < $totalLines);

// Only add new user if a match is not found
if($match){
?>
  <script language = "javascript" type = "text/javascript">
  <!-- // Go back
  alert("Username already taken, taking you back to choose another");
  history.go(-1);
  -->
  </script>
<?php
}
else{
  // Open the users file
  $fp = fopen("users.php", "a+");

  // Append the new user to end of users file
  fwrite($fp, $string);

  // Close the file
  fclose($fp);

  // Redirect to index
  header("index.php?new=1");
}
}
else{
?>
<html>
<head>

<link rel = "stylesheet" type = "text/css" href = "../style.css">
<title>members area: mike holloway</title>
</head>
<body onload = "document.getElementById('user').focus();">
<form method = "post" action = "<?php print($_SERVER['PHP_SELF']); ?>">
<table border = "0" cellspacing = "0" cellpadding = "10" width = "50%" align = "center" style = "height: 100%;">
<tr>
  <td colspan = "3" valign = "bottom">
  <span class="bold">Become a ZN Member. Fill in the information
  below.</span> <br>
  <span class="hilight">Bolded areas are required fields</span>
  </td>
</tr>
<tr>
  <td colspan = "3" height = "5%">
  <b><a href="index.php" style="text-decoration: none">
  <font color="#0000FF">Back</font></a><font color="#0000FF"> </font>
  </b>
  </td>
</tr>
<tr>
  <td width = "30%" height = "10" valign = "bottom">
  <span class="hilight">User Name:</span>
  </td>
  <td width = "70%" height = "10" valign = "bottom">
  <input type = "text" id = "user" name = "user" style = "width: 80%" class = "text" tabindex = "1">
  </td>
  <td rowspan = "7" width = "16" height = "16" align = "right" valign = "bottom">
  <input type = "hidden" name = "joined" value = "<?php print(date("d.m.Y H:i:s", mktime())); ?>">
  <input type = "Image" src = "http://forums.xisto.com/no_longer_exists/; width  = "16" height = "16" name = "submit" alt = "arrow pointing right: next" border = "0" align = "top" onfocus = "return checkFields();" tabindex = "10"></a>
  </td>
</tr>
<tr>
  <td width = "30%" height = "10" valign = "bottom">
  <span class="hilight">Password:</span>
  </td>
  <td width = "70%" height = "10" valign = "bottom">
  <input type = "password" id = "pass" name = "pass" style = "width: 80%" class = "text" tabindex = "2">
  </td>
</tr>
<tr>
  <td width = "30%" height = "10" valign = "bottom">
  <span class="hilight">Confirm Password:</span>
  </td>
  <td width = "70%" height = "10" valign = "bottom">
  <input type = "password" id = "pass2" name = "pass2" style = "width: 80%" class = "text" tabindex = "3">
  </td>
</tr>
<tr>
  <td width = "30%" height = "10" valign = "bottom">
  Valid Email:
  </td>
  <td width = "70%" height = "10" valign = "bottom">
  <input type = "text" id = "email" name = "email" style = "width: 80%" class = "text" tabindex = "4">
  </td>
</tr>
<tr>
  <td width = "30%" height = "10" valign = "bottom">
  http://
  </td>
  <td width = "70%" height = "10" valign = "bottom">
  <input type = "text" id = "url" name = "url" style = "width: 80%" class = "text" tabindex = "5">
  </td>
</tr>
<tr>
  <td width = "30%" height = "10" valign = "bottom">
  Date Of Birth:
  </td>
  <td width = "70%" height = "10" valign = "bottom">
  <span class = "bold">D: </span><input type = "text" id = "day" name = "day" size = "2" class = "text"  maxlength = "2" tabindex = "6">
  <span class = "bold">M: </span><input type = "text" id = "month" name = "month" size = "2" class = "text"  maxlength = "2" tabindex = "7">
  <span class = "bold">Y: </span><input type = "text" id = "year" name = "year" size = "4" class = "text"  maxlength = "4" tabindex = "8">
  </td>
</tr>
<tr>
  <td width = "30%" height = "10" valign = "bottom">
  Location:
  </td>
  <td width = "70%" height = "10" valign = "bottom">
  <input type = "text" id = "location" name = "location" style = "width: 80%" class = "text" tabindex = "9">
  </td>
</tr>
<tr>
  <td colspan = "3" valign = "top">
   
  </td>
</tr>
</table>
</form>

<script language = "javascript" type = "text/javascript">
<!--// Check field values are correct before submitting
function checkFields(){
  var flag = 1; // Return flag

  // Check for empty values in important fields first
  if(!document.getElementById("user").value || !document.getElementById("pass").value || !document.getElementById("pass2").value){
  alert("Please enter values in the following:\n\nUSERNAME\nPASSWORD\nCONFIRM PASSWORD");
  document.getElementById("user").focus();
  return true;
  }
  // Check that passwords are the same
  else if(document.getElementById("pass").value != document.getElementById("pass2").value){
  alert("Please enter two matching passwords");
  document.getElementById("pass").value = '';
  document.getElementById("pass2").value = '';
  document.getElementById("pass").focus();
  return true;
  }
  // Check the day / month / year fields if there's a value in one of them
  else if(document.getElementById("day").value || document.getElementById("month").value || document.getElementById("year").value){

  // Check day first
  if((isNaN(document.getElementById("day").value)) || (document.getElementById("day").value > 31) || (document.getElementById("day").value < 1)){
  alert("Please enter a valid day in the DOB field");
  document.getElementById("day").value = '';
  document.getElementById("day").focus();
  return true;
  }
  // Check month next
  else if((isNaN(document.getElementById("month").value)) || (document.getElementById("month").value > 12) || (document.getElementById("month").value < 1)){
    alert("Please enter a valid month in the DOB field");
    document.getElementById("month").value = '';
    document.getElementById("month").focus();
    return true;
  }
  // Finally the year
  else if((isNaN(document.getElementById("year").value)) || (document.getElementById("year").value >= <?php print date("Y", mktime()); ?>) || (document.getElementById("year").value < 1)){
    alert("Please enter a valid year in the DOB field");
    document.getElementById("year").value = '';
    document.getElementById("year").focus();
    return true;
  }
  else flag = 0;
  }
  else flag = 0;

  // One final check if the others went through fine
  if(!flag){
  if(document.getElementById("email").value){
    // Finally, check the email
    if(document.getElementById("email").value.indexOf("@") == -1 || document.getElementById("email").value.indexOf(".") == -1){
    alert("If entering an email addy, please make sure it is valid");
    document.getElementById("email").focus();
    return true;
    }
    else return false;
  }
  else return false;
  }
}
-->
</script>

[Avalon 1]

These two error messages....

Warning: fopen(users.php): failed to open stream: Permission denied in /home/zcnet/public_html/members/addUser.php on line 182
Warning: fwrite(): supplied argument is not a valid stream resource in /home/zcnet/public_html/members/addUser.php on line 185

...suggest to me that there is a file, (perhaps users.php?) that does not have the correct permissions set to allow the file to be written to. It looks like the script might write to a text file or something during the login/signup process, I think this file and/or the folder it is in would need global write permissions.

I wonder why you would use a text file to record information like this, a MySQL database would do it so much better. Search for a login script at one of the many PHP resource sites out there, it will save you a lot of work.

Hope that helps.