hello everyone!!!.. I’m having a bit of an issue here… I’m trying to follow along with a PHP tutorial on youtube for building your own e-commerce site… and I’m stuck trying to figure out what’s wrong with my page… the page I’m coding looks like this in dreamweaver
now at the top it says
Click Here</a>';exit();}}?>
so that’s telling me somethings wrong with the code… but I tested it on Ideone.com and everything came out fine… now when I try to run it in the browser this pops up…
… that is NOT the page I coded… I don’t understand how this is happening… here’s the php for the page in question… can someone PLEASE help me with this?.. I can’t continue learning until I get this figured out… thanks in advance…
<?php
session_start();
if(!isset($_SESSION["manager"])){
header("location:'http://www.optiq-costomtees.zhq.net/mystore/storeadmin/index.php'");
exit();
}
?>
<?php
//Parse the log in form if the user has filled it out and pressed "Log In"
if(isset($_POST["username"])&&isset($POST["password"])){
$manager=preg_replace('#[^A-Za-z0-9]#i','',$_POST["username"]);//filter everything but numbers and letters
$password=preg_replace('#[^A-Za-z0-9]#i','',$_POST["password"]);//filter everything but numbers and letters
//Connect to the MySQL database
include"http://www.optiq-costomtees.zhq.net/mystore/storescripts/connect_to_mysql.php";
$sql=mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password' LIMIT 1");//query the person
//---- MAKE SURE PERSON EXISTS IN DATABASEE ----
$existCount=mysql_num_rows($sql);//count rows nums
if($existCount==1){//evaluate the count
while($row=mysql_fetch_array($sql)){
$id=$row["id"];
}
$_SESSION["id"]=$id;
$_SESSION["manager"]=$manager;
$_SESSION["password"]=$password;
header("location:'http://www.optiq-costomtees.zhq.net/mystore/storeadmin/index.php'");
exit();
}else{
echo'That information is incorrect, try again <a href="http://www.optiq-costomtees.zhq.net/mystore/storeadmin/index.php">Click Here</a>';
exit();}}?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Store admin</title>
<link rel="http://www.optiq-costomtees.zhq.net/mystore/style/style.css" type="text/css" />
</head>
<body>
<div align="center" id="mainWrapper">
<?php include_once("http://www.optiq-costomtees.zhq.net/mystore/template_header.php");?>
<div id="pageContent"><br />
<div align="left" style="margin-left:24px;">
<h2>Please Log In To Manage Store</h2>
<form id="form1" method="post" action="admin_login.php">
User Name:
<input name="username" type="text" id="username" size="40" />
<br /><br />
Password:
<input name="password" type="password" id="password" size="40" />
<br />
<br />
<br />
<input type="submit" name="button" id="button" value="Log In" />
</form>
<p> </p>
</div>
</div>
<br />
<br />
<?php include_once("http://www.optiq-costomtees.zhq.net/mystore/template_footer.php");?>
</div>
</body>
</html>
the server I’m using automatically adds a number and underscore before the usernames… so this is filtering out the underscore in my username… how do I get it to allow the underscore?..
thanks!!!.. I tried that before but it didn’t work… I guess there’s more to the problem than just that… and is there a way I can edit my post or do I need to repost the pics in another post?
Just a lil thing I noticed in your code is that when you’re using mysql num rows: it returns an integer and any integer but 0 is trucy (or however you spell it, it is true when used in a statement).
@Dreeass… I’m kind of lost on what you’re saying. I looked at my code and don’t see anything like the code you listed… could you point it out to me and elaborate a little more on what that means and how it will change it?.. I’ve updated my code so I’m re-posting it in here… now I’m getting a “404 Page Not Found” error…
<?php
session_start();
if(!isset($_SESSION["manager"])){
header("location:'http://www.optiq-customtees.zxq.net/storeadmin/index.php'");
exit();
}
?>
<?php
//Parse the log in form if the user has filled it out and pressed "Log In"
if(isset($_POST["username"])&&isset($POST["password"])){
$manager=preg_replace('#[^A-Za-z0-9_]#i','',$_POST["username"]);//filter everything but numbers and letters
$password=preg_replace('#[^A-Za-z0-9]#i','',$_POST["password"]);//filter everything but numbers and letters
//Connect to the MySQL database
include"http://www.optiq-customtees.zxq.net/storeadmin/connect_to_mysql.php";
$sql=mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password' LIMIT 1");//query the person
//---- MAKE SURE PERSON EXISTS IN DATABASEE ----
$existCount=mysql_num_rows($sql);//count rows nums
if($existCount==1){//evaluate the count
while($row=mysql_fetch_array($sql)){
$id=$row["id"];
}
$_SESSION["id"]=$id;
$_SESSION["manager"]=$manager;
$_SESSION["password"]=$password;
header("location:http://www.optiq-customtees.zxq.net/storeadmin/index.php");
exit();
}else{
echo'That information is incorrect, try again <a href="http://www.optiq-customtees.zxq.net/storeadmin/index.php">Click Here</a>';
exit();}}?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Store admin</title>
<link rel="http://www.optiq-customtees.zhq.net/style/style.css" type="text/css" />
</head>
<body>
<div align="center" id="mainWrapper">
<?php include_once("http://www.optiq-customtees.zxq.net/template_header.php");?>
<div id="pageContent"><br />
<div align="left" style="margin-left:24px;">
<h2>Please Log In To Manage Store</h2>
<form id="form1" method="post" action="admin_login.php">
User Name:<br />
<input name="username" type="text" id="username" size="40" />
<br /><br />
Password:<br />
<input name="password" type="password" id="password" size="40" />
<br />
<br />
<br />
<input type="submit" name="button" id="button" value="Log In" />
</form>
<p> </p>
</div>
</div>
<br />
<br />
<?php include_once("http://www.optiq-customtees.zxq.net/template_footer.php");?>
</div>
</body>
</html>
It’s at the comment 'Make sure the user is in the database and when using href, forms, etc. you can just give the filename that is in the folder of the page.
E.g.: href=“http://www.domain.com/file.php” -> href=“file.php” and to get to a file in a folder use FOLDERNAME/FILENAME.