
Archadian28

Member
  • Posts

    62

Everything posted by Archadian28

  1. *** REWRITTEN FOR SECURITY PURPOSES ***

     OK, well, I see a lot of posts about login systems so I will post mine. This is for an admin and regular member login. If you don't want the admin part I will show you what to remove at the end of the post. You can alter any code to fit your needs. I have removed the name of the cookie in this example; I will explain what to change/add at the end of this post and where. I wrote this myself so use it or change it as needed. This will be based on the form redirecting to index.php. This is just basic code:

     MAKE SURE YOU HAVE session_start(); at the top of the page...

     Login Form:

         <div id="login">
         <?php if (!isset($_SESSION['usern']) && !isset($_SESSION['sess'])) { // Checks to see if the cookie is set for a logged in member, if not show the form to login ?>
         <table border="0" cellspacing="0" cellpadding="0">
         <form name="login" method="POST" action="index.php"> <!-- add the page the form will redirect to on submit to check the data in the form. -->
         <tr>
         <td><INPUT type="text" id="user" class="user" name="usern" size="20" value="Username"></td> <!-- USERNAME will appear in the textbox; to change just add <td>Username: </td> before <td><INPUT and remove value="" -->
         <td><INPUT type="password" id="pass" class="pass" name="passw" size="20" value="Password"></td> <!-- PASSWORD will appear in the textbox; to change just add <td>Password: </td> before <td><INPUT and remove value="" -->
         <td><INPUT type="submit" name="submit" value="Login"></td>
         </tr>
         </form>
         </table>
         <?php } else { header("Location: index.php"); } ?>
         <p class="clear" />
         </div>

     index.php: (placed at the top of the page.)

         $db = new Database();
         $cookie = new Cookie();
         $login = new Login();
         login(); // Simple right?

     Functions files included on index.php for login();. My function file:

         function login() {
             if (isset($_POST['submit']) && $_POST['submit'] == "Login") {
                 $usern = $_POST['usern'];
                 $passw = $_POST['passw'];
                 unset($_POST['submit']);
                 unset($_POST['usern']);
                 unset($_POST['passw']);
                 global $login;
                 $login->check_login($usern, $passw);
             }
             // Logout
             if (isset($_GET['action']) && isset($_SESSION['user']) && isset($_SESSION['sess'])) {
                 if ($_GET['action'] === "logout") {
                     unset($_GET['action']);
                     global $login;
                     $login->logout();
                 }
             }
         }

     Login.php - My login class

         <?php
         class Login {
             public function check_login($chkuser, $chkpass) {
                 if (isset($chkuser) && isset($chkpass)) {
                     global $db;
                     $pw = md5($chkpass);
                     $db->query = "SELECT usern, passw, admin, adsess FROM TABLE_NAME WHERE usern='$chkuser' AND passw='$pw'";
                     $result = $db->sql_query($db->query);
                     $row = $db->fetch_object($result);
                     // $row is null when no record matched
                     if ($row && $chkuser == $row->usern && $pw == $row->passw) {
                         global $cookie;
                         $cookie->login_cookie($row->usern, $row->passw);
                         if ($row->admin === '1') {
                             $cookie->admin_cookie($row->usern, $row->passw);
                         }
                         if (isset($_SESSION['admin']) && isset($_SESSION['adchk'])) {
                             header("Location: http://www.YOURSITE.com"); // This will redirect the ADMIN to the homepage of the admin section
                         } else {
                             header("Location: index.php"); // Change this to your homepage
                         }
                     } else { ?>
                         <script type="text/javascript">
                             alert('The Username and/or Password did not match. Please try again.');
                         </script>
                         <?php
                         header("Location: index.php");
                     }
                 } else { ?>
                     <script type="text/javascript">
                         alert('The Username and/or Password did not match. Please try again.');
                     </script>
                 <?php }
             }

             function logout() {
                 global $cookie;
                 foreach ($_SESSION as $key => $value) {
                     $cookie->kill_cookie($key, $value);
                 }
                 unset($_SESSION['phpSESSID']);
                 header("Location: index.php");
             }
         } // end class
         ?>

     My cookie class (cookie.php):

         <?php
         class Cookie {
             function login_cookie($username, $password) {
                 if (isset($username) && isset($password)) {
                     $rand = md5(rand(10000, 99999999));
                     // Session keys match the ones checked elsewhere in this post
                     $_SESSION['usern'] = $username;
                     $_SESSION['user'] = md5($username);
                     $_SESSION['sess'] = $rand;
                 } else { ?>
                     <script type="text/javascript">
                         alert('The Username and/or Password did not match. Please try again.');
                     </script>
                 <?php }
             }

             function admin_cookie($user, $pass) {
                 global $db; // My database connection...add yours here
                 $db->query = "SELECT usern, passw, name, admin FROM TABLE_NAME WHERE usern='$user' AND passw='$pass'";
                 $result = $db->sql_query($db->query);
                 $row = $db->fetch_object($result);
                 if ($row && $user == $row->usern && $pass == $row->passw && $row->admin == 1) {
                     if ($row) {
                         $md = md5(rand(100, 10000));
                         $db->query = "UPDATE TABLE_NAME SET adsess='$md' WHERE usern = '$row->usern' AND passw = '$row->passw'";
                         $result = $db->sql_query($db->query);
                         if ($result) {
                             $name = $row->name;
                             $mdname = md5($name);
                             $_SESSION['admin'] = md5($mdname);
                             $_SESSION['adchk'] = md5($mdname . $mdname);
                         } else { ?>
                             <script type="text/javascript">
                                 alert('The Admin Privileges were not set.');
                             </script>
                         <?php }
                     } else { ?>
                         <script type="text/javascript">
                             alert('The Username and Password could not be checked against the database.');
                         </script>
                     <?php }
                 } else { ?>
                     <script type="text/javascript">
                         alert('The Username and/or Password did not match (Admin).');
                     </script>
                 <?php }
             }

             function kill_cookie($name = "", $value = "") {
                 if (isset($name)) {
                     global $db;
                     $user = $_SESSION['usern'];
                     $db->query = "SELECT usern, adsess, admin FROM TABLE_NAME WHERE usern = '$user'";
                     $result = $db->sql_query($db->query);
                     $row = $db->fetch_object($result);
                     if ($row && $row->adsess != 0 && $row->usern == $user && $row->admin == 1) {
                         $db->query = "UPDATE TABLE_NAME SET adsess='0' WHERE usern = '$user'";
                         $db->sql_query($db->query);
                     }
                     session_destroy(); // session_destroy() takes no arguments
                 } else { ?>
                     <script type="text/javascript">
                         alert('The cookies were not deleted.');
                     </script>
                 <?php }
             }
         }
         ?>

     I have global $db; everywhere so I will post my db class as well... I use the old-fashioned connects XD

     database.php:

         <?php
         class Database {
             protected $db;
             protected $num;
             public $result;
             var $query;

             function __construct() {
                 global $host, $user, $pass, $name;
                 $this->dbhost = $host;
                 $this->dbuser = $user;
                 $this->dbpass = $pass;
                 $this->dbname = $name;
                 $this->db_open();
             }

             protected function db_open() {
                 $this->db = mysqli_connect($this->dbhost, $this->dbuser, $this->dbpass, $this->dbname);
                 if (empty($this->db)) {
                     error('DATABASE CONNECTION FAILED.', MYSQL_ERROR);
                 } else {
                     return $this->db;
                 }
             }

             public function sql_query($query) {
                 if (isset($query)) {
                     $result = mysqli_query($this->db, $query) or die("Error: ".mysqli_error($this->db));
                     if (!isset($result)) {
                         die("Query connection failed: " . mysqli_error($this->db)); // Change this to whatever you want
                     } else {
                         return $result;
                     }
                 } else {
                     // Your error message here: "Query was empty".
                 }
             }

             public function fetch_object($obj) {
                 return mysqli_fetch_object($obj);
             }

             public function num_rows($num) {
                 return mysqli_num_rows($num);
             }

             function db_close($db) {
                 if (isset($db)) {
                     mysqli_close($db);
                     unset($db);
                 }
             }
         } // end db class
         ?>

     I probably missed something so I will read over this 1000 times to make sure I didn't. As far as the actual database table, change TABLE_NAME in EVERY query so it's directed to your table. My table consists of this:

         id name usern passw admin adsess

     So make a users table, name it whatever you want to and replace TABLE_NAME with whatever you name the table and add those rows in the code above so everything will work. You can add more to the users if you want but those 6 rows MUST be included.

     As far as the admin part of it, if you don't need it just leave it in the code. You might be able to use it later. If you do use the admin code just add this to whatever you want ONLY the admins to see, whether it's a page or simple paragraph:

         if (isset($_SESSION['admin']) && isset($_SESSION['adchk'])) {
             // ADMIN EYES ONLY!!!
         }

     And for members only, no guests:

         if (isset($_SESSION['user']) && isset($_SESSION['sess'])) {
             // NO GUESTS ALLOWED!!!
         }

     For members and admins only, no guests, just combine both of them.

     The database class I posted has my db info (username, password, etc.) require(); that's what the global $host, $user, $pass, $dbname; is for. If you want to include that in the database class change this:

         class Database {
             protected $db;
             protected $num;
             public $result;
             var $query;

             function __construct() {
                 global $host, $user, $pass, $name;
                 $this->dbhost = $host;
                 $this->dbuser = $user;
                 $this->dbpass = $pass;
                 $this->dbname = $name;
                 $this->db_open();
             }

             protected function db_open() {

     To this:

         class Database {
             private $dbhost = "localhost"; // Your mysql server address (web address or IP address)
             private $dbuser = "USERNAME";
             private $dbpass = "PASSWORD";
             private $dbname = "TABLE_NAME"; // your database name
             protected $db;
             protected $num;
             public $result;
             var $query;

             function __construct() {
                 $this->db_open();
             }

             protected function db_open() {

     Well, I hope this helps. Again, like the pagination post, I'm sure this looks very confusing. Just add the login form to your page, copy and paste the code for the index.php in the index.php file (main page or wherever the login form is going once the user clicks submit), then copy and paste the cookie, login and database classes and name the files according to the names of the class (lower case). And as an auto loader that loads every class file in the classes folder (or wherever you store your class files), put this on the index.php as well:

         // autoload classes
         spl_autoload_register(null, false);
         spl_autoload_extensions('.php');

         function classLoader($class) {
             $filename = strtolower($class) . '.php';
             $file = 'YOUR_CLASS_DIRECTORY' . $filename; // CHANGE THIS TO YOUR CLASS DIRECTORY
             if (!file_exists($file)) {
                 die("There is no such file: " . $filename . ".");
                 return false;
             }
             include $file;
         }

         spl_autoload_register('classLoader');

     If I have missed anything please let me know. Enjoy!

     Oh, and for the logout link it's just ?action=logout at the end of your URL link, ex: www.mysite.com/index.php?action=logout

     This also sets adsess in the database to a md5() encryption and sets it to 0 on logout... so you can compare/check to that as well for admin verification. I will post a full template system for everyone here in the next 24-48 hours so be on the lookout! Enjoy.

     My mistake: so the errors don't pop up if you DO NOT want the admin system, go to the Login.php class and remove this:

         if ($row->admin === '1') {
             $cookie->admin_cookie($row->usern, $row->passw);
         }
         if (isset($_SESSION['admin']) && isset($_SESSION['adchk'])) {
             header("Location: http://www.YOURSITE.com"); // This will redirect the ADMIN to the homepage of the admin section
         } else {
             header("Location: index.php"); // Change this to your homepage
         }

     And the "admin" and "adsess" from the SQL query statements. You can leave the admin_cookie in the Cookie.php class file.
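A hardened form of the credential check from the post above, as an added example that is not the poster's code: the username is passed as a bound parameter instead of being interpolated into the query, the password is stored and checked with `password_hash()`/`password_verify()` instead of `md5()`, and the session ID is regenerated on login. It uses PDO with an in-memory SQLite database so it runs without a MySQL server; the `users` table name, the function names, the session keys `user_id`/`is_admin` and the sample accounts are assumptions, while the column names come from the post.

```php
<?php
// Added example (not the poster's code): hardened credential check.
// PDO + in-memory SQLite is used so this runs without a MySQL server.
// Column names (usern, passw, admin) come from the post; the table name
// "users", the function names and the sample accounts are hypothetical.

function make_demo_db(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT,
                usern TEXT UNIQUE, passw TEXT, admin INTEGER)');
    $ins = $pdo->prepare('INSERT INTO users (name, usern, passw, admin)
                          VALUES (?, ?, ?, ?)');
    // Constructed sample accounts; passwords are stored as salted hashes.
    $ins->execute(['Alice', 'alice', password_hash('correct horse', PASSWORD_DEFAULT), 1]);
    $ins->execute(['Bob', 'bob', password_hash('hunter2', PASSWORD_DEFAULT), 0]);
    $ins->execute(['Pat', "o'brien", password_hash('pint of plain', PASSWORD_DEFAULT), 0]);
    return $pdo;
}

// Returns the user row on success, or null on any failure.
function check_login_hardened(PDO $pdo, string $user, string $pass): ?array {
    // Bound parameter: the username is never spliced into the SQL text.
    $stmt = $pdo->prepare('SELECT id, usern, passw, admin FROM users WHERE usern = ?');
    $stmt->execute([$user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // The password is not part of the WHERE clause; password_verify()
    // checks it against the stored salted hash.
    if ($row === false || !password_verify($pass, $row['passw'])) {
        return null;
    }
    return $row;
}

// Sets the logged-in session state after a successful check.
function start_user_session(array $row): void {
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true); // fresh session ID on privilege change
    }
    $_SESSION['user_id']  = (int) $row['id'];
    $_SESSION['usern']    = $row['usern'];
    $_SESSION['is_admin'] = ((int) $row['admin'] === 1); // taken from the row, server-side
}

$pdo = make_demo_db();
$attempts = [
    ['alice', 'correct horse'],     // valid admin account
    ['bob', 'wrong'],               // wrong password
    ["o'brien", 'pint of plain'],   // quote in the name is handled as data
    ['nobody', 'x'],                // unknown user
];
foreach ($attempts as [$u, $p]) {
    $row = check_login_hardened($pdo, $u, $p);
    if ($row !== null) {
        start_user_session($row);
    }
    printf("%-10s => %s\n", $u, $row === null ? 'rejected' : 'accepted');
}
```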
  2. Archadian28

    Pagination

    Don't forget the <?php ?> tags before and after... I didn't include them in the code.
  3. Archadian28

    Pagination

    I'm sure someone out there is looking for a pagination template so here it is:

    pagination.php (class file)

        <?php
        class Pagination {
            public $curr_page = 1;
            public $per_page = 10; // Number of results per page if this isn't passed into the pagination class on the page...I will reference this on the actual page
            public $total_count = 0;

            function __construct($curr_page, $per_page, $total_count) {
                $this->curr_page = (int)$curr_page;
                $this->per_page = (int)$per_page;
                $this->total_count = (int)$total_count;
            }

            function limit() {
                return $this->per_page;
            }

            function offset() {
                return $this->per_page * ($this->curr_page - 1);
            }

            function total_pages() {
                return ceil($this->total_count/$this->per_page);
            }

            function prev_pg() {
                return $this->curr_page - 1;
            }

            function next_pg() {
                return $this->curr_page + 1;
            }

            function has_prev_pg() {
                return $this->prev_pg() >= 1 ? true : false;
            }

            function has_next_pg() {
                return $this->next_pg() <= $this->total_pages() ? true : false;
            }
        } // End Pagination Class
        ?>

    Then on the pages you want the pagination just add this: ***(make sure you include() or require() pagination.php on your pages)

    Top of page:

        // Pagination
        global $db; // references my database class...you need some type of connection here for a row count in the database for $total_count
        $curr_page = !empty($_GET['pg']) ? (int)$_GET['pg'] : 1; // If the pg is not set it sets $curr_page to 1
        $per_page = 5; // This was set to 10 in the pagination class, but since I am passing 5 into Pagination() it will overwrite the 10.
        $total_count = 0; // Placeholder: you need a row count on the database you are using...this needs to equal the total rows
        $pg = new Pagination($curr_page, $per_page, $total_count); // Initiates the Pagination class. DON'T FORGET TO INCLUDE pagination.php ABOVE THIS LINE or it will not work
        $limit = $pg->limit();
        $offset = $pg->offset();

    This is the SQL statement and while loop for the actual data you want to retrieve from the database:

        $sql = "SELECT * FROM TABLE_NAME LIMIT $limit OFFSET $offset"; // I'm sure most of you know MySQL already.
        $result = $db->sql_query($sql); // run the query before looping over it
        while ($row = $db->fetch_object($result)) {
            // your table here
        }

    This is the bottom portion:

        <div class="pagination"> <!-- My div for it; I will post the CSS code as well. -->
        <?php
        // id is URL-encoded before it is echoed into the links below
        $wid = isset($_GET['id']) ? urlencode($_GET['id']) : '';
        $total = $pg->total_pages();
        if ($total > 1) {
            if ($pg->has_prev_pg()) {
                echo "<a href=\"index.php?id=$wid&pg="; // replace with your page URL but pg= must be included whether it's ? or &
                echo $pg->prev_pg();
                echo "\">Previous</a>";
            }
            for ($i = 1; $i <= $total; $i++) {
                if ($i == $curr_page) {
                    echo " <span class=\"selected\">{$i}</span> "; // In css code
                } else {
                    echo " <a href=\"index.php?id=$wid&pg={$i}\">{$i}</a> "; // replace with your page URL but pg= must be included whether it's ? or &
                }
            }
            if ($pg->has_next_pg()) {
                echo "<a href=\"index.php?id=$wid&pg="; // replace with your page URL but pg= must be included whether it's ? or &
                echo $pg->next_pg();
                echo "\">Next »</a>";
            }
        }
        unset($limit);
        unset($offset);
        ?>
        </div>

    And here is the CSS:

        .pagination {
            position: relative;
            width: 620px;
            height: 20px;
            top: 35px;
            text-align: center;
            vertical-align: middle;
            margin: 5px auto;
        }

        .pagination a {
            margin: 0 5px;
            font-size: 1em;
            color: #7E7E7E;
            background: none;
        }

        .selected {
            color: white;
            font-size: 1em;
            background-color: #333;
            text-decoration: none;
        }

    Obviously you can change the CSS to fit your needs. I hope this helps. It seems complicated at first but it's just a matter of copy and paste and some DB coding. Enjoy.

    Oh, and you might want to take out everything after the //, just notes to the user.
  4. Ben you are a genius lol. I wrote this at 3am this morning. I should have caught that. I changed this:

         <input id='qnty' name='$row->token' type='text' size='3' onchange='sendVal(this.id, this.name)' value='$qnty' />

     to this:

         <input id='$row->token' name='qnty' type='text' size='3' onchange='sendVal(this.id)' value='$qnty' />

     and I changed this:

         function sendVal(id, name) {
             var getQnty = parseInt(document.getElementById(id).value);
             var token = document.getElementById(id).name;
             window.location = "index.php?page=addtocart&qnty=" + getQnty + "&token=" + token;
         }

     to this:

         function sendVal(id) {
             var getQnty = document.getElementById(id).value;
             var token = document.getElementById(id).id;
             window.location = "index.php?page=cart&qnty=" + getQnty + "&token=" + token;
         }

     It works perfectly. Thanks for your help Ben.
  5. OK, I'm using JavaScript (scroll up to code) to send the id='qnty' and name='$row->token' to the JavaScript function sendVal() in the input field. When I add the first item to the shopping cart it sends that quantity and token ($row->token) to the variables in the JavaScript function and saves them there. So no matter what I add afterwards, the var getQnty and var token have the info from the first item in the shopping cart... that's why all the others aren't updating the quantity. It shows the quantity of the first item on all the others... same for the token. Any solutions to this? Thanks.
  6. Yeah, it's still in the testing stages. A confirmation will be seen when they add items... haven't gotten to that yet lol. Trying to figure out why only the first item in the shopping cart is able to have its quantity updated but not the rest. As far as item_exists, here is the code:

         function item_exists($token) {
             global $db;
             if (strlen($token) == 32) {
                 $db->query = "SELECT token FROM products";
                 $result = $db->sql_query($db->query);
                 while ($row = $db->fetch_object($result)) {
                     if ($row->token == htmlentities(addslashes($token))) {
                         return true;
                     }
                 }
                 return false;
             } else {
                 send_error_loc("TOKEN ERROR", "The token and/or the product doesn't exist.");
             }
         }

     OK, I'm checking both now. Still can't update the quantity on the 2nd row and down... only the first one.
  7. OK, I fixed the total for now anyway, here's the code... but only the first item in the cart is able to be updated; the others I try to update the quantity and it doesn't work but it says it's been updated. Displaying correct total fixed:

         function showTotal(ShoppingCart $shopcart) {
             $total = $shopcart->getTotal();
             return '<tr> <td colspan="2"></td> <td><b>Total:</b></td> <td><b>$' . $total . '</b> </td> </tr>';
         }

         ------------------------------

         public function getTotal() {
             global $db;
             $total = 0; // start the running total at zero
             foreach ($this->GetItems() as $key) {
                 $db->query = "SELECT price FROM products WHERE token='$key'";
                 $result = $db->sql_query($db->query);
                 $row = $db->fetch_object($result);
                 $total += ($row->price * $this->getItemQnty($key));
             }
             return number_format($total, 2);
         }
  8. Here is the code:

         <input id='qnty' name='$row->token' type='text' size='3' onchange='sendVal(this.id, this.name)' value='$qnty' /> //text field to change the quantity

         ------------

         function sendVal(id, name) { // gets the value and token from the row for the quantity
             var getQnty = parseInt(document.getElementById(id).value);
             var token = document.getElementById(id).name;
             window.location = "index.php?page=addtocart&qnty=" + getQnty + "&token=" + token;
         }

         -------------------

         public function updQnty($pid, $qnty) { // In the shopping cart class
             if ($qnty != 0) {
                 $this->scart[$pid] = $qnty;
             } else {
                 $this->remove($pid);
             }
         }

         ----------------

         $shopcart = getCart();
         if (isset($_GET['qnty'])) { // in addtocart file that the javascript function for the input field redirects to, this code should update
             $num = $_GET['qnty'];
             $token = $_GET['token'];
             unset($_GET['qnty']);
             unset($_GET['token']);
             if (item_exists($token) && ($num <= 10) && is_numeric($num)) {
                 $shopcart->updQnty($token, $num);
                 setCart($shopcart); ?>
                 <script type="text/javascript">
                     alert('Quantity updated successfully.');
                     window.location = "javascript: history.go(-1)";
                 </script>
             <?php } else { ?>
                 <script type="text/javascript">
                     alert('That item does not exist or the quantity was too high.');
                     window.location = "javascript: history.go(-1)";
                 </script>
             <?php }
         }

         -----------------------

     This is the full code for my templates for the Shopping Cart. Maybe it's something I am overlooking:

         function shoppingCart_Row(ShoppingCart $shopcart , $pid, $counter) {
             global $db;
             $db->query = "SELECT title, body, price, token FROM products WHERE token='$pid'";
             $result = $db->sql_query($db->query);
             $row = $db->fetch_object($result);
             $qnty = $shopcart->getItemQnty($row->token);
             $price = $row->price;
             $total = number_format(($qnty * $price), 2);
             return "
                 <tr bgcolor='#2C2C2C'>
                     <td align='left' width='65%'>
                         $row->title
                         <input type='hidden' name='item_name_$counter' value='$row->title' />
                     </td>
                     <td width='10%'><div class='remove'><a href='index.php?page=addtocart&action=remove&id=$row->token'>Remove</a></div></td>
                     <td>
                         <input id='qnty' name='$row->token' type='text' size='3' onchange='sendVal(this.id, this.name)' value='$qnty' />
                         <input type='hidden' name='quantity_$counter' value='$qnty' />
                     </td>
                     <td>
                         $$total
                         <input type='hidden' name='amount_$counter' value='$price' />
                     </td>
                 </tr>
             ";
         }

         function showTotal(ShoppingCart $shopcart) {
             global $db;
             foreach ($shopcart->GetItems() as $key) {
                 $db->query = "SELECT price, token FROM products WHERE token='$key'";
                 $result = $db->sql_query($db->query);
                 $row = $db->fetch_object($result);
                 $qnty = $shopcart->getItemQnty($row->token);
                 $total = number_format(($qnty * $row->price), 2);
                 $grdTotal += $total;
             }
             return '<tr> <td colspan="2"></td> <td><b>Total:</b></td> <td><b>$' . number_format($grdTotal, 2) . '</b> </td> </tr>';
         }

         function exec_shopcart() {
             $shopcart = getCart();
             $output = '
                 <tr>
                     <th colspan="2" width="75%"><b>Items</b></th>
                     <th width="10%"><b>Quantity</b></th>
                     <th width="15%"><b>Amount</b></th>
                 </tr>
             ';
             $counter = 1;
             foreach ($shopcart->GetItems() as $pid) {
                 $output .= shoppingCart_Row($shopcart , $pid, $counter);
                 $counter++;
             }
             $output .= showTotal($shopcart);
             $output .= "</table>";
             return $output;
         }

     The token is stored in the database and it's a md5() conversion that references the title, description, image and price of each product. Thanks for the help!
  9. The remove works perfectly and I had to use JavaScript to get the new quantity entered. You can't put a form inside of a form so I had to use the onchange="" inside the input field. Pass the form.id value to a JavaScript function then window.location to a PHP file. The price doesn't show up correctly when you put in a new quantity and it seems like only the first item updates. Why would that happen?
  10. Yes, I can take it from here... I didn't copy the code from the PHP Shopping Cart tutorial, just used it as a guideline. Thanks for your time posting the information. This will definitely get me started. Thanks again!
  11. Can anyone help on this issue? I have tried everything. If anyone has the PHP Shopping Cart project files just give an example off of that and I'll recode it to fit mine. I just need to see an example of updating and removing. If anyone could point me in the right direction it will be greatly appreciated. Thanks.
  12. Can anyone tell me how to update the quantity and remove items from the list in the shopping cart? I bought the $30 video tutorial, in which neither one was talked about. Thanks