スクリプトをテストしていましたが、セッション値が登録されていませんでした。これが私のエラーメッセージです:
注意: 未定義のインデックス: /home/content/78/10212078/html/ads/new_topic.php の 11 行目の email1
注意: 未定義のインデックス: 12 行目の /home/content/78/10212078/html/ads/new_topic.php の pass1 エラー: システムに存在しません。
そして、ここに11行目と12行目があります:
$u_email = mysql_real_escape_string($_SESSION['email1']);
$u_pass = mysql_real_escape_string($_SESSION['pass1']);
の完全なコードは次のnew_topic.php
とおりです。
<?php
error_reporting(E_ALL); ini_set('display_errors', '1');
session_start();
include_once "../ads/connect_to_mysql.php"; // Connect to the database
// Assume they are a member because they have a password session variable set
// Check the database to be sure that their ID, password, and email session variables all match in the database
$u_id = mysql_real_escape_string($_SESSION['id']);
$u_name = mysql_real_escape_string($_SESSION['username']);
$u_email = mysql_real_escape_string($_SESSION['email1']);
$u_pass = mysql_real_escape_string($_SESSION['pass1']);
$sql = mysql_query("SELECT * FROM members1 WHERE id='$u_id' AND username='$u_name' AND email1='$u_email' AND pass1='$u_pass'");
$numRows = mysql_num_rows($sql);
if ($numRows < 1) {
echo "ERROR: You do not exist in the system.";
exit();
}
// Check to make sure the URL variables of "sid" and "title" are set
if (!isset($_POST['ad_id']) || $_POST['ad_id'] == "" || !isset($_POST['ad_title']) || $_POST['ad_title'] == "") {
echo "Important variables are missing";
exit();
} else {
// Acquire the variables and proceed to show them a form for creating a new topic
$forum_section_id = preg_replace('#[^0-9]#i', '', $_POST['ad_id']);
$forum_section_title = preg_replace('#[^A-Za-z 0-9]#i', '', $_POST['ad_title']);
}
$sql = mysql_query("SELECT * FROM ad_sections WHERE id='$forum_section_id' AND title='$forum_section_title'");
$numRows = mysql_num_rows($sql);
if ($numRows < 1) {
echo "ERROR: That section deos not exist.";
exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="style/style.css" rel="stylesheet" type="text/css" />
<title>Create New Topic</title>
<script type="text/javascript" language="javascript">
<!--
function validateMyForm ( ) {
var isValid = true;
if ( document.form1.post_title.value == "" ) {
alert ( "Please type in a title for this classified" );
isValid = false;
} else if ( document.form1.post_title.value.length < 10 ) {
alert ( "Your title must be at least 10 characters long" );
isValid = false;
} else if ( document.form1.post_body.value == "" ) {
alert ( "Please type in your classified body." );
isValid = false;
}
return isValid;
}
//-->
</script>
</head>
<body>
<table style="background-color: #F0F0F0; border:#069 1px solid; border-top:none;" width="900" border="0" align="center" cellpadding="12" cellspacing="0">
<tr>
<td width="731" valign="top">
<div id="breadcrumbs"><a href="http://www.locallysold.com">Locally Sold Home</a> ← <a href="http://www.locallysold.com/">Section Home</a> ← <a href="section.php?id=<?php echo $forum_section_id; ?>"><?php echo $forum_section_title; ?></a></div>
<h2>Creating New Classified In the <em><?php echo $forum_section_title; ?></em> Forum</h2>
<form action="parse_post.php" method="post" name="form1">
<input name="post_type" type="hidden" value="a" />
Topic Author:<br /><input name="topic_author" type="text" disabled="disabled" maxlength="64" style="width:96%;" value="<?php echo $u_name; ?>" />
<br /><br />
Please type in a title for your classified here:<br /><input name="post_title" type="text" maxlength="64" style="width:96%;" /><br /><br />
Please type in your classified body:<br /><textarea name="post_body" rows="15" style="width:96%;"></textarea>
<br /><br /><input name="" type="submit" value="Create my classified now!" onclick="javascript:return validateMyForm();"/><input name="fsID" type="hidden" value="<?php echo $forum_section_id; ?>" />
<input name="fsTitle" type="hidden" value="<?php echo $forum_section_title; ?>" />
<input name="uid" type="hidden" value="<?php echo $_SESSION['id']; ?>" />
<input name="upass" type="hidden" value="<?php echo $_SESSION['pass1']; ?>" />
</form>
</td>
<td width="189" valign="top"><div style=" width:160px; height:600px; background-color: #999; color: #CCC; padding:12px;"> <br/>
<br/>
<br />
<h3>Ad Space or Whatever</h3>
</div></td>
</tr>
</table>
</body>
</html>
login.php でセッション変数を設定する場所は次のとおりです。
<?php
// Start Session to enable creating the session variables below when they log in
session_start();
// Force script errors and warnings to show on page in case php.ini file is set to not display them
error_reporting(E_ALL);
ini_set('display_errors', '1');
// Initialize some vars
$errorMsg = '';
$email = '';
$pass = '';
$remember = '';
if (isset($_POST['email1'])) {
$email = $_POST['email1'];
$pass = $_POST['pass1'];
if (isset($_POST['remember'])) {
$remember = $_POST['remember'];
}
$email = stripslashes($email);
$pass = stripslashes($pass);
$email = strip_tags($email);
$pass = strip_tags($pass);
// error handling conditional checks go here
if ((!$email) || (!$pass)) {
$errorMsg = 'Please fill in both fields';
} else { // Error handling is complete so process the info if no errors
include 'connect_to_mysql.php'; // Connect to the database
$email = mysql_real_escape_string($email); // After we connect, we secure the string before adding to query
//$pass = mysql_real_escape_string($pass); // After we connect, we secure the string before adding to query
$pass = md5($pass); // Add MD5 Hash to the password variable they supplied after filtering it
// Make the SQL query
$sql = mysql_query("SELECT * FROM members1 WHERE email1='$email' AND pass1='$pass' AND email_activated='1'");
$login_check = mysql_num_rows($sql);
// If login check number is greater than 0 (meaning they do exist and are activated)
if($login_check > 0){
while($row = mysql_fetch_array($sql)){
// Pleae note: Adam removed all of the session_register() functions cuz they were deprecated and
// he made the scripts to where they operate universally the same on all modern PHP versions(PHP 4.0 thru 5.3+)
// Create session var for their raw id
$id = $row["id"];
$_SESSION['id'] = $id;
// Create the idx session var
$_SESSION['idx'] = base64_encode("g4p3h9xfn8sq03hs2234$id");
// Create session var for their username
$username = $row["username"];
$_SESSION['username'] = $username;
// Create session var for their email
$useremail = $row["email1"];
$_SESSION['useremail'] = $useremail;
// Create session var for their password
$userpass = $row["pass1"];
$_SESSION['userpass'] = $userpass;
mysql_query("UPDATE members1 SET last _log_date=now() WHERE id='$id' LIMIT 1");
} // close while
// Remember Me Section
if($remember == "yes"){
$encryptedID = base64_encode("g4enm2c0c4y3dn3727553$id");
setcookie("idCookie", $encryptedID, time()+60*60*24*100, "/"); // Cookie set to expire in about 30 days
setcookie("passCookie", $pass, time()+60*60*24*100, "/"); // Cookie set to expire in about 30 days
}
// All good they are logged in, send them to homepage then exit script
header("location: index.php?test=$id");
exit();
} else { // Run this code if login_check is equal to 0 meaning they do not exist
$errorMsg = "Incorrect login data, please try again";
}
} // Close else after error checks
} //Close if (isset ($_POST['uname'])){
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="icon" href="favicon.ico" type="image/x-icon" />
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
<link href="style/main.css" rel="stylesheet" type="text/css" />
<script src="/jquery-1.9.0.js" type="text/javascript"></script>
<title>Log In</title>
<style type="text/css">
<!--
body {
margin-top: 0px;
}
-->
</style></head>
<body>
<div align="center"><a href="index.php"><img src="images/logo1.png" alt="Locally Sold Home Page" width="197" height="104" border="0" /></a></div>
<table width="400" align="center" cellpadding="6" style="background-color:#FFF; border:#666 1px solid;">
<form action="login.php" method="post" enctype="multipart/form-data" name="signinform" id="signinform">
<tr>
<td width="23%"><font size="+2">Log In</font></td>
<td width="77%"><font color="#FF0000"><?php print "$errorMsg"; ?></font></td>
</tr>
<tr>
<td><strong>Email:</strong></td>
<td><input name="email1" type="text" id="email1" style="width:60%;" /></td>
</tr>
<tr>
<td><strong>Password:</strong></td>
<td><input name="pass1" type="password" id="pass1" maxlength="24" style="width:60%;"/></td>
</tr>
<tr>
<td align="right"> </td>
<td><input name="remember" type="checkbox" id="remember" value="yes" checked="checked" />
Remember Me</td>
</tr>
<tr>
<td> </td>
<td><input name="myButton" type="submit" id="myButton" value="Sign In" /></td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td colspan="2">Forgot your password? <a href="forgot_pass.php">Click Here</a>
<br /></td>
</tr>
<tr>
<td colspan="2">Need an Account? <a href="register.php">Click Here</a><br /> <br /></td>
</tr>
</form>
</table>
<br />
<br />
<br />
</body>
</html>