Advanced Search

Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 24

Thread: Strange error re user_id when adding entries to database

  1. #11
    Join Date
    Jul 2010
    Location
    Near Albany, NY
    Posts
    56
    Thanks
    15
    Thanked 0 Times in 0 Posts

    Default

    Traq, thank you for your help. Looking at the actual code on the server, the session function is written correctly, i.e., session_start();

    After I posted the code here, I went back over it and removed a lot of the comments. The parentheses probably got removed then. Several times something got accidentally removed and I would restore it. Here I apparently restored the ";" but not the parentheses.
    Last edited by Anne Arbor; 01-27-2014 at 01:01 AM.

  2. #12
    Join Date
    Apr 2008
    Location
    So.Cal
    Posts
    3,629
    Thanks
    63
    Thanked 516 Times in 502 Posts
    Blog Entries
    5

    Default

    Did you write a function that checks if a user is logged in? If not, then you can probably use something like:
    PHP Code:
    function checkLoggedIn(){
        return ! empty( 
    $_SESSION["user_id"] );

    then, on pages where the user must be logged in:
    PHP Code:
    <?php
    session_start
    ();

    // make sure the function definition is loaded (i.e., include as necessary)
    if( ! checkLoggedIn() ){
        
    // you're not logged in: go log in
        
    header"http://example.com/log-in" );
        exit;
    }

    // now do everything else
    Last edited by traq; 01-27-2014 at 02:00 AM.
    We Only Torture the Folks We Don't Like (You're Probably Gonna Be Okay)
    It's a Party in the CIA

  3. The Following User Says Thank You to traq For This Useful Post:

    Anne Arbor (01-27-2014)

  4. #13
    Join Date
    Jul 2010
    Location
    Near Albany, NY
    Posts
    56
    Thanks
    15
    Thanked 0 Times in 0 Posts

    Default

    Traq, that looks very cool. My understanding of PHP is so threadbare that it will take me a while to try it, but I really look forward to doing so.

    I hope to try this later tonight or tomorrow, and will post the result.

    Thank you so much.

    On edit: Would I define the function on the log_in page? at the top? (or doesn't it matter?) And then actually use it on the logged_in and add_entry pages?

  5. #14
    Join Date
    Jul 2010
    Location
    Near Albany, NY
    Posts
    56
    Thanks
    15
    Thanked 0 Times in 0 Posts

    Default

    Traq, I may owe you a pretty big apology. I was trying *not* to post code that wasn't strictly relevant, so as not to clutter things up. The risk is, of course, that one leaves something essential out. I might have done that, entirely inadvertently. I'm sorry if that turns out to be true.

    I've posted the 'log_in' page and the 'add_entry' page. I thought that would be enough. There is another page which would go, chronologically speaking, in between those two: the 'logged_in' page.

    I'll post the code below. The reason that there are three pages is because the book I was relying on used three pages and I wasn't sure how to combine any of them.

    *Important* - the code below supposedly redirects any user who is not logged in back to the log_in page. That has never happened to me.


    Code:
    <?php # Script 11.5 (DWS) - loggedin.php
    
    // Refers to: first_name; login.php.
    
    ob_start(); // Start output buffering.
    
    require_once ('./includes/config.inc.php');
     // Include the configuration file for error management and such.
    
    $page_title = 'Logged in';
    
    include ('./includes/header.html');
       // Set the page title and include the HTML header.
    
    ?>
    
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
    
    <head>
    <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
    <title>Logged In!</title>
    </head>
    
    <body>
    
    <?php
    
        // Greet the user by name.
    
    if (isset($_SESSION['first_name']) ) {
    
    	echo "You are now logged in, {$_SESSION['first_name']}. <br><br><br>
    
         If you would like to post a new entry, go to the <a href='add_entry.php'>New entry</a> page.</p>";
    
    } else {
    
    // If no session value is present, redirect the user.
    
    	ob_end_clean();    // Delete the buffer.
    
        // Start defining the URL.
    
    	$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
    
    // Check for a trailing slash.
    
    	if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
    
    		$url = substr ($url, 0, -1); // Chop off the slash.
    
    	}
    
    	$url .= '/login.php'; // Add the page.
    
    	header("Location: $url");
    
    	exit();     // Quit the script.
    
                    }
    
    echo '</body>
    </html>';
    
    ob_end_flush();
    
    // Send everything to the Web browser.
    
    ?>

  6. #15
    Join Date
    Apr 2008
    Location
    So.Cal
    Posts
    3,629
    Thanks
    63
    Thanked 516 Times in 502 Posts
    Blog Entries
    5

    Default

    Quote Originally Posted by Anne Arbor View Post
    Would I define the function on the log_in page? at the top? (or doesn't it matter?) And then actually use it on the logged_in and add_entry pages?
    To make it as portable as possible, I would define it in its own script (or, if you already have a script that does nothing but define functions). This way, you can simply include the code wherever you need it.

    Quote Originally Posted by Anne Arbor View Post
    I was trying *not* to post code that wasn't strictly relevant, so as not to clutter things up. The risk is, of course, that one leaves something essential out. I might have done that, entirely inadvertently. I'm sorry if that turns out to be true.
    While that script does seem to do basically what my function describes, the difference is that your script is a page that you have to visit, while the function is used directly on the page in question. And that's an important distinction: if it's on a different page (more specifically, a different request), then the check is useless, because it's not dealing with the page you actually want to protect.
    We Only Torture the Folks We Don't Like (You're Probably Gonna Be Okay)
    It's a Party in the CIA

  7. The Following User Says Thank You to traq For This Useful Post:

    Anne Arbor (01-27-2014)

  8. #16
    Join Date
    Jul 2010
    Location
    Near Albany, NY
    Posts
    56
    Thanks
    15
    Thanked 0 Times in 0 Posts

    Default

    I haven't tried the new function yet because I need to set aside a block of time for that, and the opportunity is eluding me so far today.

    Last night, after re-reading traq's comments and suggestions, I went back to the original error message, about the 'undefined index.' That error points to line 50 in my code. Plugging the code into my IDE, line 50 and its nearest neighbor say the following:

    Code:
            $query = "INSERT INTO moods (user_idm, mood_rating, notes, time_entered)
                      VALUES ('$_SESSION[user_id]', '$mood', '$notes', NOW())";
    Looking at that code, I wonder if there is a problem in the way that the first VALUE is written. Ordinarily a value in square brackets would have single quotes around it. Here that is not true: user_id has no quotes at all. I thought about modifying it so as to enclose user_id in quotes but then I would have multiple layers of quotes and probably run into other problems. Should that first variable be re-written and, if so, how?

  9. #17
    Join Date
    Jul 2010
    Location
    Near Albany, NY
    Posts
    56
    Thanks
    15
    Thanked 0 Times in 0 Posts

    Default

    I tried adding the suggested code, or something like it. Here is the code I added:

    Code:
    session_start();
    
    function checkLoggedIn(){
        return !empty($_SESSION["user_id"] };
    
    if(!checkLoggedIn() ){
        header("http://www.templog.com/login.php");
        exit;
    }
    else {
    echo '<p>Still logged in, and that's important.</p>'; 
    }

    I added the 'else' clause so that I could have a positive indicator of being logged in.

    The result, though, was that I got a completely blank page.

    On edit: I have fooled around quite extensively with the added code to see if I could get it to work, or at least not to blank out the page altogether. The page goes blank if I have start_session(); in it (even without any of the other new code).

    The page is okay when I add function checkLoggedIn(){ }

    However, as soon as I add return !empty($_SESSION["user_id"] between the curly brackets, it again goes blank.
    Last edited by Anne Arbor; 01-27-2014 at 10:38 PM.

  10. #18
    Join Date
    Jul 2010
    Location
    Near Albany, NY
    Posts
    56
    Thanks
    15
    Thanked 0 Times in 0 Posts

    Default

    Oops (accidental post)
    Last edited by Anne Arbor; 01-27-2014 at 10:39 PM.

  11. #19
    Join Date
    Jul 2010
    Location
    Near Albany, NY
    Posts
    56
    Thanks
    15
    Thanked 0 Times in 0 Posts

    Default

    Something good might have happened, although I'm not entirely sure why.

    For the moment, I've commented out all the 'new' code. I went back to my 'logged_in' page, grabbed some of that code and copied it to the add_entry page. Then I added about 20 new entries. All were entered into the database under the correct user_id -- which is a much more robust and reliable showing than I've probably ever had before.

    Here is the code I added. I think it would serve the same function as the proposed code to check on log-in. For some reason, it has worked in the sense that the user is addressed by the correct name, and the entries placed in the form were inserted properly into the database.

    Code:
    if (isset($_SESSION['first_name']) ) {
    
    	echo "You are now logged in, {$_SESSION['first_name']}. <br><br><br>
    
         If you would like to post a new entry, go to the <a href='add_entry.php'>New entry</a> page.</p>";
    Why would this snippet of code work (to a degree, at least), while the other blanked out the page entirely?
    Last edited by Anne Arbor; 01-28-2014 at 12:48 AM.

  12. #20
    Join Date
    Apr 2008
    Location
    So.Cal
    Posts
    3,629
    Thanks
    63
    Thanked 516 Times in 502 Posts
    Blog Entries
    5

    Default

    Quote Originally Posted by Anne Arbor View Post
    PHP Code:
            $query "INSERT INTO moods (user_idm, mood_rating, notes, time_entered)
                      VALUES ('
    $_SESSION[user_id]', '$mood', '$notes', NOW())"
    Looking at that code, I wonder if there is a problem in the way that the first VALUE is written. Ordinarily a value in square brackets would have single quotes around it. Here that is not true: user_id has no quotes at all. I thought about modifying it so as to enclose user_id in quotes but then I would have multiple layers of quotes and probably run into other problems. Should that first variable be re-written and, if so, how?
    YES, the index should be quoted.
    NO, that's not what was causing your problems.

    When you write a string without quotes, PHP recognizes it as the name of a constant. If there is no such constant in your script, then PHP throws an error (E_NOTICE), and then assumes that you really meant it to be a string. So, in the end, it is treated as a string (as you expected), but there was an error and some unnecessary computational expense along the way.

    Quote Originally Posted by Anne Arbor View Post
    PHP Code:
    session_start();

    function 
    checkLoggedIn(){
        return !empty(
    $_SESSION["user_id"] };
    if(!
    checkLoggedIn() ){
        
    header("http://www.templog.com/login.php");
        exit;
    }
    else {
        echo 
    '<p>Still logged in, and that's important.</p>'; 

    The result, though, was that I got a completely blank page.
    You are missing the closing paren and semicolon after your call to empty. The semicolon after the curly brace (which closes the function definition) is unnecessary.

    When php gives you a blank white page, it's usually an indication that a) there was a fatal error, and b) you have error reporting disabled. During development, it's a good idea to go to your php.ini file and turn error reporting on.
    Code:
    error_reporting = E_ALL | E_STRICT
    display_errors = On
    In this case, that would have shown you a message similar to
    Parse error: syntax error, unexpected '}', expecting ')' …
    We Only Torture the Folks We Don't Like (You're Probably Gonna Be Okay)
    It's a Party in the CIA

Similar Threads

  1. Resolved Program stopped adding new entries at end of db; inserts them out of chrono order
    By Anne Arbor in forum MySQL and other databases
    Replies: 15
    Last Post: 01-23-2014, 02:51 AM
  2. Form entries are not populating in mysql database
    By paybadvenilesh in forum MySQL and other databases
    Replies: 1
    Last Post: 04-02-2013, 02:18 PM
  3. Resolved NULL Error When Adding to Database
    By SChaput in forum MySQL and other databases
    Replies: 6
    Last Post: 10-17-2008, 01:04 AM
  4. Replies: 6
    Last Post: 07-27-2006, 08:40 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •