link diversi per ogni utente

giancadeejay

Utente Attivo
26 Ott 2010
224
0
16
torino
Buonasera

Avrei un problemino ....

Sto creando un sito in php dove,quando l'utente si logga,tenendo conto della tabella in db mysql e nello specifico del numero ID_utente,volevo indirizzare ognuno verso un link diverso..ma ho dei problemi
Il codice e' questo ,chi puo' dirmi dove sbaglio:

PHP:
<?php
    
    if($id_user = 1){ 
    
    
 Echo "<a href=/id_user1/upload.php>CARICA I TUOI FILE!</a>" ; 

    
    } elseif ( $id_user = 2 ){
    
    
 Echo "<a href=/id_user2/upload.php>CARICA I TUOI FILE!</a>" ,
}

           } elseif ($id_user = 3 ){
    
    
             Echo "<a href=/id_user3/upload.php>CARICA I TUOI FILE!</a>"; 
            }      



?>

Grazie in anticipo a tutti
 

criric

Super Moderatore
Membro dello Staff
SUPER MOD
MOD
21 Ago 2010
5.607
54
48
TN
Ciao, per paragonare due valori si usa il doppio uguale (==)
avevi una graffa e una virgola in piu
PHP:
<?php

if ($id_user == 1) {
    echo "<a href=/id_user1/upload.php>CARICA I TUOI FILE!</a>";
} elseif ($id_user == 2) {
    echo "<a href=/id_user2/upload.php>CARICA I TUOI FILE!</a>";
} elseif ($id_user == 3) {
    echo "<a href=/id_user3/upload.php>CARICA I TUOI FILE!</a>";
}
?>
in ogni caso ti conviene scrivere semplicemente cosi
PHP:
<?php
echo "<a href='/id_user" . $id_user . "/upload.php'>CARICA I TUOI FILE!</a>";
?>
edit
mancano anche gli apici nel link
PHP:
<a href='/id_user3/upload.php'>
 
Ultima modifica:

giancadeejay

Utente Attivo
26 Ott 2010
224
0
16
torino
grazie mille criric
.....ma forse non mi sono spiegato bene
Io vorrei che se si loga "pinkopallo" , lo stesso deve vedere solo il suo link verso la sua pagina privata
invece cosi
PHP:
if ($id_user == 1) {
    echo "<a href=/id_user1/upload.php>CARICA I TUOI FILE!</a>";
} elseif ($id_user == 2) {
    echo "<a href=/id_user2/upload.php>CARICA I TUOI FILE!</a>";
} elseif ($id_user == 3) {
    echo "<a href=/id_user3/upload.php>CARICA I TUOI FILE!</a>";
}
vede tutti e tre i link e non va bene....
Sto impazzendo...
 

criric

Super Moderatore
Membro dello Staff
SUPER MOD
MOD
21 Ago 2010
5.607
54
48
TN
guarda che in entrambe le soluzioni che ti ho postato vedi solo un link
forse hai trascritto male
ricordati di mettere gli apici
 

giancadeejay

Utente Attivo
26 Ott 2010
224
0
16
torino
Scusa ma sono alle prime armi
Cosi va bene?per ora ho solo 3 utenti:
PHP:
echo "<a href='/id_user1" . $id_user . "/upload.php'>CARICA I TUOI FILE!</a>";
echo "<a href='/id_user2/" . $id_user2 . "/upload.php'>CARICA I TUOI FILE!</a>";
echo "<a href='/id_user3/" . $id_user3 . "/upload.php'>CARICA I TUOI FILE!</a>";

solo che nella pagina ,quando entri si vedono 3 link...non va'
 

criric

Super Moderatore
Membro dello Staff
SUPER MOD
MOD
21 Ago 2010
5.607
54
48
TN
ma non è quello che abbiamo scritto
dove prendi queste variabili $id_user , $id_user2 e $id_user3 ?
il login come lo fai?
 

giancadeejay

Utente Attivo
26 Ott 2010
224
0
16
torino
Login.php
PHP:
<?PHP
require_once("./include/membersite_config.php");


if(isset($_POST['submitted']))
{
   if($fgmembersite->Login())
   {
        $fgmembersite->RedirectToURL("login-home.php");
   }
}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
      <meta http-equiv='Content-Type' content='text/html; charset=utf-8'/>
      <title>Login</title>
      <link rel="STYLESHEET" type="text/css" href="style/fg_membersite.css" />
       <link rel="stylesheet" type="text/css" href="sfondosito.css">
      <script type='text/javascript' src='scripts/gen_validatorv31.js'></script>
</head>
<style type="text/css">
<!--
A{text-decoration:none}
-->
</style>
<body >
<br><br><br><br><br><br><br><br><br><br><center>
<!-- Form Code Start -->
<div id='fg_membersite'>
<form id='login' action='<?php echo $fgmembersite->GetSelfScript(); ?>' method='post' accept-charset='UTF-8'>
<fieldset >
<legend>Login</legend>

<input type='hidden' name='submitted' id='submitted' value='1'/>

<div class='short_explanation'>* campo obbligatorio</div>

<div><span class='error'><?php echo $fgmembersite->GetErrorMessage(); ?></span></div>
<div class='container'>
    <label for='username' >USERNAME *:</label><br/>
    <input type='text' name='username' id='username' value='<?php echo $fgmembersite->SafeDisplay('username') ?>' maxlength="50" /><br/>
    <span id='login_username_errorloc' class='error'></span>
</div>
<div class='container'>
    <label for='password' >PASSWORD *:</label><br/>
    <input type='password' name='password' id='password' maxlength="50" /><br/>
    <span id='login_password_errorloc' class='error'></span>
</div>

<div class='container'>
    <input type='submit' name='Submit' value='Login' />
</div>
<div class='short_explanation'><a href='reset-pwd-req.php'>Password dimenticata?</a></div>
</fieldset>
</form></center>
<!-- client-side Form Validations:
Uses the excellent form validation script from JavaScript-coder.com-->

<script type='text/javascript'>
// <![CDATA[

    var frmvalidator  = new Validator("login");
    frmvalidator.EnableOnPageErrorDisplay();
    frmvalidator.EnableMsgsTogether();

    frmvalidator.addValidation("username","req","Please provide your username");
    
    frmvalidator.addValidation("password","req","Please provide the password");

// ]]>
</script>
</div>
<!--
Form Code End (see html-form-guide.com for more info.)
-->

</body>
</html>

che porta l'utente in
Login-home
PHP:
<?PHP
require_once("./include/membersite_config.php");
include('menu.js');

 


if(!$fgmembersite->CheckLogin())
{
    $fgmembersite->RedirectToURL("login.php");
    exit;
}

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
      <meta http-equiv='Content-Type' content='text/html; charset=utf-8'/>
      <title>Home page</title>
      <link rel="STYLESHEET" type="text/css" href="style/fg_membersite.css">
       <link rel="stylesheet" type="text/css" href="sfondosito.css">
</head>
<style type="text/css">
<!--
A{text-decoration:none}
-->
</style>
<body>
<br><br><br><br><br><br><center>
<div id='fg_membersite_content'>
<h2><font face="Pr celtic Narrow" font size="5">LA TUA PAGINA PROFILO</font></h2>
<font face="Pr celtic Narrow" font size="5">Benvenuto : </font> <?= $fgmembersite->UserFullName(); ?>!


<p><a href='change-pwd.php'><font face="Pr celtic Narrow" font size="5">Cambia password</a></font></p><br><br><br><br>

<p><a href='access-controlled.php'><font face="Pr celtic Narrow" font size="6">ENTRA NEL SITO</font></a></p>
<br><br><br>
<p><a href='logout.php'><font face="Pr celtic Narrow" font size="5">ESCI</a></font></p>
</div></center>
<?php
include("dataeora.php");
?>
</body>


tutte quelle variabili le prendo guardando il mio database mysql dove ,per ora,ho 3 utenti,e quindi id_user1,id_user2 etc
come posso risolvere?
 

giancadeejay

Utente Attivo
26 Ott 2010
224
0
16
torino
in pratica quando effettui il login finisci in LOGIN-home.php e qui dovresti trovare il tuo link che ti indirizza alla tua cartella gia preparata distinta da quella degli altri utenti:
link->CARTELLA1 se si logga UTENTE1
link->CARTELLA2 se si logga UTENTE2

e cosi via..........
 

criric

Super Moderatore
Membro dello Staff
SUPER MOD
MOD
21 Ago 2010
5.607
54
48
TN
la vedo ardua
il tutto cmq dovrebbe essere dentro questo file : membersite_config.php
puoi postarlo?
 

giancadeejay

Utente Attivo
26 Ott 2010
224
0
16
torino
eccolo
PHP:
<?PHP
require_once("./include/fg_membersite.php");

$fgmembersite = new FGMembersite();

//Provide your site name here
$fgmembersite->SetWebsiteName('CarpeWeb.altervista.org');

//Provide the email address where you want to get notifications
$fgmembersite->SetAdminEmail('[email protected]');

//Provide your database login details here:
//hostname, user name, password, database name and table name
//note that the script will create the table (for example, fgusers in this case)
//by itself on submitting register.php for the first time
$fgmembersite->InitDB(/*hostname*/'localhost',
                      /*username*/'usrname',
                      /*password*/'password',
                      /*database name*/'my_db',
                      /*table name*/'fgusers3');

//For better security. Get a random string from this link: [url]http://tinyurl.com/randstr[/url]
// and put it here
$fgmembersite->SetRandomKey('qSRcVS6DrTzrPvr');

?>
 
Ultima modifica di un moderatore:

criric

Super Moderatore
Membro dello Staff
SUPER MOD
MOD
21 Ago 2010
5.607
54
48
TN
nemmeno qua
forse in questo fg_membersite.php
ma temo richiami altri file
ma dove l'hai trovato?
non ti conveniva qualcosa di piu semplice visto che sei all'inizio
 

giancadeejay

Utente Attivo
26 Ott 2010
224
0
16
torino
fg_membersite.php

PHP:
require_once("class.phpmailer.php");
require_once("formvalidator.php");

class FGMembersite
{
    var $admin_email;
    var $from_address;
    
    var $username;
    var $pwd;
    var $database;
    var $tablename;
    var $connection;
    var $rand_key;
    
    var $error_message;
    
    //-----Initialization -------
    function FGMembersite()
    {
        $this->sitename = 'Miositoweb';
        $this->rand_key = '0iQx5oBk66oVZep';
    }
    
    function InitDB($host,$uname,$pwd,$database,$tablename)
    {
        $this->db_host  = $host;
        $this->username = $uname;
        $this->pwd  = $pwd;
        $this->database  = $database;
        $this->tablename = $tablename;
        
    }
    function SetAdminEmail($email)
    {
        $this->admin_email = $email;
    }
    
    function SetWebsiteName($sitename)
    {
        $this->sitename = $sitename;
    }
    
    function SetRandomKey($key)
    {
        $this->rand_key = $key;
    }
    
    //-------Main Operations ----------------------
    function RegisterUser()
    {
        if(!isset($_POST['submitted']))
        {
           return false;
        }
        
        $formvars = array();
        
        if(!$this->ValidateRegistrationSubmission())
        {
            return false;
        }
        
        $this->CollectRegistrationSubmission($formvars);
        
        if(!$this->SaveToDatabase($formvars))
        {
            return false;
        }
        
        if(!$this->SendUserConfirmationEmail($formvars))
        {
            return false;
        }

        $this->SendAdminIntimationEmail($formvars);
        
        return true;
    }

    function ConfirmUser()
    {
        if(empty($_GET['code'])||strlen($_GET['code'])<=10)
        {
            $this->HandleError("Please provide the confirm code");
            return false;
        }
        $user_rec = array();
        if(!$this->UpdateDBRecForConfirmation($user_rec))
        {
            return false;
        }
        
        $this->SendUserWelcomeEmail($user_rec);
        
        $this->SendAdminIntimationOnRegComplete($user_rec);
        
        return true;
    }    
    
    function Login()
    {
        if(empty($_POST['username']))
        {
            $this->HandleError("UserName is empty!");
            return false;
        }
        
        if(empty($_POST['password']))
        {
            $this->HandleError("Password is empty!");
            return false;
        }
        
        $username = trim($_POST['username']);
        $password = trim($_POST['password']);
        
        if(!isset($_SESSION)){ session_start(); }
        if(!$this->CheckLoginInDB($username,$password))
        {
            return false;
        }
        
        $_SESSION[$this->GetLoginSessionVar()] = $username;
        
        return true;
    }
    
    function CheckLogin()
    {
         if(!isset($_SESSION)){ session_start(); }

         $sessionvar = $this->GetLoginSessionVar();
         
         if(empty($_SESSION[$sessionvar]))
         {
            return false;
         }
         return true;
    }
    
    function UserFullName()
    {
        return isset($_SESSION['name_of_user'])?$_SESSION['name_of_user']:'';
       
    }
    
    function UserEmail()
    {
        return isset($_SESSION['email_of_user'])?$_SESSION['email_of_user']:'';
    }
    
    function LogOut()
    {
        session_start();
        
        $sessionvar = $this->GetLoginSessionVar();
        
        $_SESSION[$sessionvar]=NULL;
        
        unset($_SESSION[$sessionvar]);
    }
    
    function EmailResetPasswordLink()
    {
        if(empty($_POST['email']))
        {
            $this->HandleError("Email is empty!");
            return false;
        }
        $user_rec = array();
        if(false === $this->GetUserFromEmail($_POST['email'], $user_rec))
        {
            return false;
        }
        if(false === $this->SendResetPasswordLink($user_rec))
        {
            return false;
        }
        return true;
    }
    
    function ResetPassword()
    {
        if(empty($_GET['email']))
        {
            $this->HandleError("Email is empty!");
            return false;
        }
        if(empty($_GET['code']))
        {
            $this->HandleError("reset code is empty!");
            return false;
        }
        $email = trim($_GET['email']);
        $code = trim($_GET['code']);
        
        if($this->GetResetPasswordCode($email) != $code)
        {
            $this->HandleError("Bad reset code!");
            return false;
        }
        
        $user_rec = array();
        if(!$this->GetUserFromEmail($email,$user_rec))
        {
            return false;
        }
        
        $new_password = $this->ResetUserPasswordInDB($user_rec);
        if(false === $new_password || empty($new_password))
        {
            $this->HandleError("Error updating new password");
            return false;
        }
        
        if(false == $this->SendNewPassword($user_rec,$new_password))
        {
            $this->HandleError("Error sending new password");
            return false;
        }
        return true;
    }
    
    function ChangePassword()
    {
        if(!$this->CheckLogin())
        {
            $this->HandleError("Not logged in!");
            return false;
        }
        
        if(empty($_POST['oldpwd']))
        {
            $this->HandleError("Old password is empty!");
            return false;
        }
        if(empty($_POST['newpwd']))
        {
            $this->HandleError("New password is empty!");
            return false;
        }
        
        $user_rec = array();
        if(!$this->GetUserFromEmail($this->UserEmail(),$user_rec))
        {
            return false;
        }
        
        $pwd = trim($_POST['oldpwd']);
        
        if($user_rec['password'] != md5($pwd))
        {
            $this->HandleError("The old password does not match!");
            return false;
        }
        $newpwd = trim($_POST['newpwd']);
        
        if(!$this->ChangePasswordInDB($user_rec, $newpwd))
        {
            return false;
        }
        return true;
    }
    
    //-------Public Helper functions -------------
    function GetSelfScript()
    {
        return htmlentities($_SERVER['PHP_SELF']);
    }    
    
    function SafeDisplay($value_name)
    {
        if(empty($_POST[$value_name]))
        {
            return'';
        }
        return htmlentities($_POST[$value_name]);
    }
    
    function RedirectToURL($url)
    {
        header("Location: $url");
        exit;
    }
    
    function GetSpamTrapInputName()
    {
        return 'sp'.md5('KHGdnbvsgst'.$this->rand_key);
    }
    
    function GetErrorMessage()
    {
        if(empty($this->error_message))
        {
            return '';
        }
        $errormsg = nl2br(htmlentities($this->error_message));
        return $errormsg;
    }    
    //-------Private Helper functions-----------
    
    function HandleError($err)
    {
        $this->error_message .= $err."\r\n";
    }
    
    function HandleDBError($err)
    {
        $this->HandleError($err."\r\n mysqlerror:".mysql_error());
    }
    
    function GetFromAddress()
    {
        if(!empty($this->from_address))
        {
            return $this->from_address;
        }

        $host = $_SERVER['SERVER_NAME'];

        $from ="[email protected]$host";
        return $from;
    } 
    
    function GetLoginSessionVar()
    {
        $retvar = md5($this->rand_key);
        $retvar = 'usr_'.substr($retvar,0,10);
        return $retvar;
    }
    
    function CheckLoginInDB($username,$password)
    {
        if(!$this->DBLogin())
        {
            $this->HandleError("Database login failed!");
            return false;
        }          
        $username = $this->SanitizeForSQL($username);
        $pwdmd5 = md5($password);
        $qry = "Select name, email from $this->tablename where username='$username' and password='$pwdmd5' and confirmcode='y'";
        
        $result = mysql_query($qry,$this->connection);
        
        if(!$result || mysql_num_rows($result) <= 0)
        {
            $this->HandleError("Error logging in. The username or password does not match");
            return false;
        }
        
        $row = mysql_fetch_assoc($result);
        
        
        $_SESSION['name_of_user']  = $row['name'];
        $_SESSION['email_of_user'] = $row['email'];
        
        return true;
    }
    
    function UpdateDBRecForConfirmation(&$user_rec)
    {
        if(!$this->DBLogin())
        {
            $this->HandleError("Database login failed!");
            return false;
        }   
        $confirmcode = $this->SanitizeForSQL($_GET['code']);
        
        $result = mysql_query("Select name, email from $this->tablename where confirmcode='$confirmcode'",$this->connection);   
        if(!$result || mysql_num_rows($result) <= 0)
        {
            $this->HandleError("Wrong confirm code.");
            return false;
        }
        $row = mysql_fetch_assoc($result);
        $user_rec['name'] = $row['name'];
        $user_rec['email']= $row['email'];
        
        $qry = "Update $this->tablename Set confirmcode='y' Where  confirmcode='$confirmcode'";
        
        if(!mysql_query( $qry ,$this->connection))
        {
            $this->HandleDBError("Error inserting data to the table\nquery:$qry");
            return false;
        }      
        return true;
    }
    
    function ResetUserPasswordInDB($user_rec)
    {
        $new_password = substr(md5(uniqid()),0,10);
        
        if(false == $this->ChangePasswordInDB($user_rec,$new_password))
        {
            return false;
        }
        return $new_password;
    }
    
    function ChangePasswordInDB($user_rec, $newpwd)
    {
        $newpwd = $this->SanitizeForSQL($newpwd);
        
        $qry = "Update $this->tablename Set password='".md5($newpwd)."' Where  id_user=".$user_rec['id_user']."";
        
        if(!mysql_query( $qry ,$this->connection))
        {
            $this->HandleDBError("Error updating the password \nquery:$qry");
            return false;
        }     
        return true;
    }
    
    function GetUserFromEmail($email,&$user_rec)
    {
        if(!$this->DBLogin())
        {
            $this->HandleError("Database login failed!");
            return false;
        }   
        $email = $this->SanitizeForSQL($email);
        
        $result = mysql_query("Select * from $this->tablename where email='$email'",$this->connection);  

        if(!$result || mysql_num_rows($result) <= 0)
        {
            $this->HandleError("There is no user with email: $email");
            return false;
        }
        $user_rec = mysql_fetch_assoc($result);

        
        return true;
    }
    
    function SendUserWelcomeEmail(&$user_rec)
    {
        $mailer = new PHPMailer();
        
        $mailer->CharSet = 'utf-8';
        
        $mailer->AddAddress($user_rec['email'],$user_rec['name']);
        
        $mailer->Subject = "Benvenuto su ".$this->sitename;

        $mailer->From = $this->GetFromAddress();        
        
        $mailer->Body ="Benvenuto ".$user_rec['name']."\r\n\r\n".
        "Benvenuto!La tua registrazione nel sito ".$this->sitename." e' stata completata.\r\n".
        "\r\n".
        "Cordiali Saluti,\r\n".
        "Webmaster\r\n".
        $this->sitename;

        if(!$mailer->Send())
        {
            $this->HandleError("Failed sending user welcome email.");
            return false;
        }
        return true;
    }
    
    function SendAdminIntimationOnRegComplete(&$user_rec)
    {
        if(empty($this->admin_email))
        {
            return false;
        }
        $mailer = new PHPMailer();
        
        $mailer->CharSet = 'utf-8';
        
        $mailer->AddAddress($this->admin_email);
        
        $mailer->Subject = "Registration Completed: ".$user_rec['name'];

        $mailer->From = $this->GetFromAddress();         
        
        $mailer->Body ="A new user registered at ".$this->sitename."\r\n".
        "Name: ".$user_rec['name']."\r\n".
        "Email address: ".$user_rec['email']."\r\n";
        
        if(!$mailer->Send())
        {
            return false;
        }
        return true;
    }
    
    function GetResetPasswordCode($email)
    {
       return substr(md5($email.$this->sitename.$this->rand_key),0,10);
    }
    
    function SendResetPasswordLink($user_rec)
    {
        $email = $user_rec['email'];
        
        $mailer = new PHPMailer();
        
        $mailer->CharSet = 'utf-8';
        
        $mailer->AddAddress($email,$user_rec['name']);
        
        $mailer->Subject = "Your reset password request at ".$this->sitename;

        $mailer->From = $this->GetFromAddress();
        
        $link = $this->GetAbsoluteURLFolder().
                '/resetpwd.php?email='.
                urlencode($email).'&code='.
                urlencode($this->GetResetPasswordCode($email));

        $mailer->Body ="Ciao ".$user_rec['name']."\r\n\r\n".
        "Ci e' stato richiesto di resettare la tua password nel sito ".$this->sitename."\r\n".
        "Perfavore,clicca sul link per confermare la tua richiesta: \r\n".$link."\r\n".
        "Cordiali Saluti,\r\n".
        "Webmaster\r\n".
        $this->sitename;
        
        if(!$mailer->Send())
        {
            return false;
        }
        return true;
    }
    
    function SendNewPassword($user_rec, $new_password)
    {
        $email = $user_rec['email'];
        
        $mailer = new PHPMailer();
        
        $mailer->CharSet = 'utf-8';
        
        $mailer->AddAddress($email,$user_rec['name']);
        
        $mailer->Subject = "La tua nuova password nel sito ".$this->sitename;

        $mailer->From = $this->GetFromAddress();
        
        $mailer->Body ="Ciao ".$user_rec['name']."\r\n\r\n".
        "La tua password e' stata cambiata con successo. ".
        "Here is your updated login:\r\n".
        "username:".$user_rec['username']."\r\n".
        "password:$new_password\r\n".
        "\r\n".
        "Login here: ".$this->GetAbsoluteURLFolder()."/login.php\r\n".
        "\r\n".
        "Regards,\r\n".
        "Webmaster\r\n".
        $this->sitename;
        
        if(!$mailer->Send())
        {
            return false;
        }
        return true;
    }    
    
    function ValidateRegistrationSubmission()
    {
        //This is a hidden input field. Humans won't fill this field.
        if(!empty($_POST[$this->GetSpamTrapInputName()]) )
        {
            //The proper error is not given intentionally
            $this->HandleError("Automated submission prevention: case 2 failed");
            return false;
        }
        
        $validator = new FormValidator();
        $validator->addValidation("name","req","Please fill in Name");
        $validator->addValidation("email","email","The input for Email should be a valid email value");
        $validator->addValidation("email","req","Please fill in Email");
        $validator->addValidation("username","req","Please fill in UserName");
        $validator->addValidation("password","req","Please fill in Password");

        
        if(!$validator->ValidateForm())
        {
            $error='';
            $error_hash = $validator->GetErrors();
            foreach($error_hash as $inpname => $inp_err)
            {
                $error .= $inpname.':'.$inp_err."\n";
            }
            $this->HandleError($error);
            return false;
        }        
        return true;
    }
    
    function CollectRegistrationSubmission(&$formvars)
    {
        $formvars['name'] = $this->Sanitize($_POST['name']);
        $formvars['email'] = $this->Sanitize($_POST['email']);
        $formvars['username'] = $this->Sanitize($_POST['username']);
        $formvars['password'] = $this->Sanitize($_POST['password']);
    }
    
    function SendUserConfirmationEmail(&$formvars)
    {
        $mailer = new PHPMailer();
        
        $mailer->CharSet = 'utf-8';
        
        $mailer->AddAddress($formvars['email'],$formvars['name']);
        
        $mailer->Subject = "La tua registrazione su ".$this->sitename;

        $mailer->From = $this->GetFromAddress();        
        
        $confirmcode = $formvars['confirmcode'];
        
        $confirm_url = $this->GetAbsoluteURLFolder().'/confirmreg.php?code='.$confirmcode;
        
        $mailer->Body ="Benvenuto ".$formvars['name']."\r\n\r\n".
        "Grazie per esserti registrato nel sito di  ".$this->CarpeWeb."\r\n".
        "Clicca sul link per confermare la tua registrazione.\r\n".
        "$confirm_url\r\n".
        "\r\n".
        "Cordiali Saluti,\r\n".
        "Webmaster\r\n".
        $this->CarpeWeb;

        if(!$mailer->Send())
        {
            $this->HandleError("Failed sending registration confirmation email.");
            return false;
        }
        return true;
    }
    function GetAbsoluteURLFolder()
    {
        $scriptFolder = (isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on')) ? 'https://' : 'http://';
        $scriptFolder .= $_SERVER['HTTP_HOST'] . dirname($_SERVER['REQUEST_URI']);
        return $scriptFolder;
    }
    
    function SendAdminIntimationEmail(&$formvars)
    {
        if(empty($this->admin_email))
        {
            return false;
        }
        $mailer = new PHPMailer();
        
        $mailer->CharSet = 'utf-8';
        
        $mailer->AddAddress($this->admin_email);
        
        $mailer->Subject = "New registration: ".$formvars['name'];

        $mailer->From = $this->GetFromAddress();         
        
        $mailer->Body ="A new user registered at ".$this->CarpeWeb."\r\n".
        "Name: ".$formvars['name']."\r\n".
        "Email address: ".$formvars['email']."\r\n".
        "UserName: ".$formvars['username'];
        
        if(!$mailer->Send())
        {
            return false;
        }
        return true;
    }
    
    function SaveToDatabase(&$formvars)
    {
        if(!$this->DBLogin())
        {
            $this->HandleError("Database login failed!");
            return false;
        }
        if(!$this->Ensuretable())
        {
            return false;
        }
        if(!$this->IsFieldUnique($formvars,'email'))
        {
            $this->HandleError("This email is already registered");
            return false;
        }
        
        if(!$this->IsFieldUnique($formvars,'username'))
        {
            $this->HandleError("This UserName is already used. Please try another username");
            return false;
        }        
        if(!$this->InsertIntoDB($formvars))
        {
            $this->HandleError("Inserting to Database failed!");
            return false;
        }
        return true;
    }
    
    function IsFieldUnique($formvars,$fieldname)
    {
        $field_val = $this->SanitizeForSQL($formvars[$fieldname]);
        $qry = "select username from $this->tablename where $fieldname='".$field_val."'";
        $result = mysql_query($qry,$this->connection);   
        if($result && mysql_num_rows($result) > 0)
        {
            return false;
        }
        return true;
    }
    
    function DBLogin()
    {

        $this->connection = mysql_connect($this->db_host,$this->username,$this->pwd);

        if(!$this->connection)
        {   
            $this->HandleDBError("Database Login failed! Please make sure that the DB login credentials provided are correct");
            return false;
        }
        if(!mysql_select_db($this->database, $this->connection))
        {
            $this->HandleDBError('Failed to select database: '.$this->database.' Please make sure that the database name provided is correct');
            return false;
        }
        if(!mysql_query("SET NAMES 'UTF8'",$this->connection))
        {
            $this->HandleDBError('Error setting utf8 encoding');
            return false;
        }
        return true;
    }    
    
    function Ensuretable()
    {
        $result = mysql_query("SHOW COLUMNS FROM $this->tablename");   
        if(!$result || mysql_num_rows($result) <= 0)
        {
            return $this->CreateTable();
        }
        return true;
    }
    
    function CreateTable()
    {
        $qry = "Create Table $this->tablename (".
                "id_user INT NOT NULL AUTO_INCREMENT ,".
                "name VARCHAR( 128 ) NOT NULL ,".
                "email VARCHAR( 64 ) NOT NULL ,".
                "phone_number VARCHAR( 16 ) NOT NULL ,".
                "username VARCHAR( 16 ) NOT NULL ,".
                "password VARCHAR( 32 ) NOT NULL ,".
                "confirmcode VARCHAR(32) ,".
                "PRIMARY KEY ( id_user )".
                ")";
                
        if(!mysql_query($qry,$this->connection))
        {
            $this->HandleDBError("Error creating the table \nquery was\n $qry");
            return false;
        }
        return true;
    }
    
    function InsertIntoDB(&$formvars)
    {
    
        $confirmcode = $this->MakeConfirmationMd5($formvars['email']);
        
        $formvars['confirmcode'] = $confirmcode;
        
        $insert_query = 'insert into '.$this->tablename.'(
                name,
                email,
                username,
                password,
                confirmcode
                )
                values
                (
                "' . $this->SanitizeForSQL($formvars['name']) . '",
                "' . $this->SanitizeForSQL($formvars['email']) . '",
                "' . $this->SanitizeForSQL($formvars['username']) . '",
                "' . md5($formvars['password']) . '",
                "' . $confirmcode . '"
                )';      
        if(!mysql_query( $insert_query ,$this->connection))
        {
            $this->HandleDBError("Error inserting data to the table\nquery:$insert_query");
            return false;
        }        
        return true;
    }
    function MakeConfirmationMd5($email)
    {
        $randno1 = rand();
        $randno2 = rand();
        return md5($email.$this->rand_key.$randno1.''.$randno2);
    }
    function SanitizeForSQL($str)
    {
        if( function_exists( "mysql_real_escape_string" ) )
        {
              $ret_str = mysql_real_escape_string( $str );
        }
        else
        {
              $ret_str = addslashes( $str );
        }
        return $ret_str;
    }
    
 /*
    Sanitize() function removes any potential threat from the
    data submitted. Prevents email injections or any other hacker attempts.
    if $remove_nl is true, newline chracters are removed from the input.
    */
    function Sanitize($str,$remove_nl=true)
    {
        $str = $this->StripSlashes($str);

        if($remove_nl)
        {
            $injections = array('/(\n+)/i',
                '/(\r+)/i',
                '/(\t+)/i',
                '/(%0A+)/i',
                '/(%0D+)/i',
                '/(%08+)/i',
                '/(%09+)/i'
                );
            $str = preg_replace($injections,'',$str);
        }

        return $str;
    }    
    function StripSlashes($str)
    {
        if(get_magic_quotes_gpc())
        {
            $str = stripslashes($str);
        }
        return $str;
    }    
}
 

criric

Super Moderatore
Membro dello Staff
SUPER MOD
MOD
21 Ago 2010
5.607
54
48
TN
sicuro che ci sia l'id nella tabella utenti ?
in questo caso ti conviene mettere in sessione anche l'id e cambiare questa funzione
PHP:
function CheckLoginInDB($username, $password) {
        if (!$this->DBLogin()) {
            $this->HandleError("Database login failed!");
            return false;
        }
        $username = $this->SanitizeForSQL($username);
        $pwdmd5 = md5($password);
        $qry = "Select name, email from $this->tablename where username='$username' and password='$pwdmd5' and confirmcode='y'";

        $result = mysql_query($qry, $this->connection);

        if (!$result || mysql_num_rows($result) <= 0) {
            $this->HandleError("Error logging in. The username or password does not match");
            return false;
        }

        $row = mysql_fetch_assoc($result);


        $_SESSION['name_of_user'] = $row['name'];
        $_SESSION['email_of_user'] = $row['email'];

        return true;
    }

dove cambierai la select aggiungendo il nome del campo dell'id e metterai in sessione il risultato della query
PHP:
 $_SESSION['id_of_user'] = $row['nome_campo_id_utente'];
dopodiche ti basta scrivere cosi
PHP:
echo "<a href='/id_user" . $_SESSION['id_of_user'] . "/upload.php'>CARICA I TUOI FILE!</a>";
 

giancadeejay

Utente Attivo
26 Ott 2010
224
0
16
torino
questa e' la tabella

$qry = "Create Table $this->tablename (".
"id_user INT NOT NULL AUTO_INCREMENT ,".
"name VARCHAR( 128 ) NOT NULL ,".
"email VARCHAR( 64 ) NOT NULL ,".
"phone_number VARCHAR( 16 ) NOT NULL ,".
"username VARCHAR( 16 ) NOT NULL ,".
"password VARCHAR( 32 ) NOT NULL ,".
"confirmcode VARCHAR(32) ,".
"PRIMARY KEY ( id_user )".
")";

quindi che faccio?
 

criric

Super Moderatore
Membro dello Staff
SUPER MOD
MOD
21 Ago 2010
5.607
54
48
TN
cambia la funzione cosi
PHP:
function CheckLoginInDB($username, $password) {
        if (!$this->DBLogin()) {
            $this->HandleError("Database login failed!");
            return false;
        }
        $username = $this->SanitizeForSQL($username);
        $pwdmd5 = md5($password);
        $qry = "Select id_user, name, email from $this->tablename where username='$username' and password='$pwdmd5' and confirmcode='y'";

        $result = mysql_query($qry, $this->connection);

        if (!$result || mysql_num_rows($result) <= 0) {
            $this->HandleError("Error logging in. The username or password does not match");
            return false;
        }

        $row = mysql_fetch_assoc($result);


        $_SESSION['name_of_user'] = $row['name'];
        $_SESSION['email_of_user'] = $row['email'];
        $_SESSION['id_of_user'] = $row['id_user'];

        return true;
    }
e metti il link come te l'ho postato prima
 

criric

Super Moderatore
Membro dello Staff
SUPER MOD
MOD
21 Ago 2010
5.607
54
48
TN
PHP:
echo "<a href='/id_user" . $_SESSION['id_of_user'] . "/upload.php'>CARICA I TUOI FILE!</a>";
nella pagina dove vuoi che l'utente veda il link
 

giancadeejay

Utente Attivo
26 Ott 2010
224
0
16
torino
ho fatto tutto cio che mi hai suggerito
ma il link mi porta in./id_user/upload
le cartelle assegnate ad ogni utente si chiamano
id_user1
id_user2
etc..etc
 

giancadeejay

Utente Attivo
26 Ott 2010
224
0
16
torino
per capire il lavoro di stasera non mi basterebbero 10 anni forse...
quindi ti ringrazio moltissimo x per la disponibilita'....
 
Discussioni simili
Autore Titolo Forum Risposte Data
Sermatth72 [HTML] creare link con colori Hover diversi, possibile? HTML e CSS 6
S Css: Link ipertestuali con diversi valori HTML e CSS 3
G caricare 3 html diversi nello stesso frame, utilizzando 3 link.... HTML e CSS 2
Kea BD Scambio Link con box diversi? Supporto Mr.Webmaster 2
S 2 link aperti in 2 frame diversi AIUTO! Javascript 1
pugia Doppio link a due frame diversi HTML e CSS 4
grottafelix Jump menu e link diversi Snippet Javascript 8
D Inserire link PHP 0
A Regex per isolare link interni con rel noopener PHP 0
Shyson Modificare codice e creare link PHP 0
M Come individuare il link sito entrante Google Analytics 1
W Elenco dei link del file presenti in una cartella PHP 2
P modifica colore A Hover link website . WordPress 2
T Offuscare link pagina web PHP 2
D Estrarre database con link esterno Database 10
W Creare link di una dato Classic ASP 0
M Visualizzare file PDF con link preso dal DB PHP 0
G Link Building da aggregatori e nuovo social network SEO e Posizionamento 1
G PHP e Microsoft Teams: generare link videocall PHP 15
Shyson Link social penalizzano il sito? SEO e Posizionamento 14
G Rendere dati di una tabella mysql link PHP 22
Shyson Mascherare link di affiliazione PHP 0
F domanda sul link juice SEO e Posizionamento 2
C Problema tp-link extender cp210 Reti LAN e Wireless 9
M [Wordpress] Slider Revolution automatic link WordPress 0
diamantetredici13 [HTML] link e poi link... HTML e CSS 2
D [WordPress] Link eliminati ancora presenti nel database, è possibile? WordPress 0
Shyson [PHP] Aggiungere link al codice PHP 0
K [PHP] Link Obfuscator PHP 5
B anomalia router TP Link Reti LAN e Wireless 0
G Inserire "Leggi il resto dell'articolo" con link al post sul sito preso via RSS Email Marketing 0
D Tp-link voip non funzionante Adsl e Connettività 0
E [HTML] non apre link a file locale ma se lo imposto su barra indirizzi lo apre HTML e CSS 3
D [HTML] Inviare un link contenente un' immagine HTML e CSS 4
M [MySQL] CREARE UN LINK SU UN DETERMINATO CAMPO DI UNA TABELLA RISULTATO DI UNA QUERY SQL MySQL 3
P [Javascript] Aprire Link in Div e pagina Dinamica Javascript 0
kikdirty cerco scambio link con siti di strumenti seo Offerte e Richieste di scambio links 0
N Scambio link sito ZA40 Offerte e Richieste di scambio links 1
Cosina Link in document ready function jQuery 0
E Validazione campi form passati da link Programmazione 0
R [PHP] [Javascript] Link a DIV id di un' altra pagina PHP 4
GiErre [PHP] [HTML] Disabilitare un link in funzione della piattaforma PHP 7
trattorino [PHP] link su stringa con @ PHP 3
P Gif animata con sezioni e link esterni in photoshop Photoshop 8
G [HTML] estrapolare link da pagina web HTML e CSS 9
G [HTML] mettere link in facebook link invece che su sito web Social Media Marketing 2
A [PHP] errore 404 e invio mai path pagina con link interrotto PHP 2
R [HTML] Immagini con link, uguali su tutte le pagine del sito HTML e CSS 3
D Scambio link in articoli sito dating Offerte e Richieste di scambio links 1
M [Javascript] [HTML] link interno Javascript 1

Discussioni simili