 PHP ver gevorderde |
|
Eventjes de situatie schetsen. (Je hebt niet iedere file nodig, maar dat weet je hoe het ineen zit)
.htaccess
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^[^/]* /modrewrite.php?page=$0
RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^[^/]* /modrewrite.php?page=$0
modrewrite.php
<?php
session_start();
include_once ('config.php');
if((Isset($_GET['page']) AND $_GET['page'] == "index") or empty($_GET['page'])) {
include ('index.php');
} elseif((Isset($_GET['page']) AND $_GET['page'] == "register")) {
include ('register.php');
} elseif((Isset($_GET['page']) AND $_GET['page'] == "login")) {
include ('login.php');
} elseif((Isset($_GET['page']) AND $_GET['page'] == "logout")) {
include ('logout.php');
} elseif((Isset($_GET['page']) AND $_GET['page'] == "cpanel")) {
$des = explode("/", $_SERVER['REQUEST_URI']);
$_GET['action'] = $des[2];
include ('cpanel.php');
} elseif((Isset($_GET['page']) AND $_GET['page'] == "activate")) {
$des = explode("/", $_SERVER['REQUEST_URI']);
$_GET['user'] = $des[2];
include ('activate.php');
} elseif (Isset($_GET['page'])) {
$des = explode("/", $_SERVER['REQUEST_URI']);
$_GET['action'] = $des[2];
$_GET['user'] = $_GET['page'];
include ('checkprofile.php');
} else {
include ('404.php');
} ?>
<?php include_once ('config.php'); if((Isset($_GET['page']) AND $_GET['page'] == "index") or empty($_GET['page'])) { include ('index.php'); } elseif((Isset($_GET['page']) AND $_GET['page'] == "register")) { include ('register.php'); } elseif((Isset($_GET['page']) AND $_GET['page'] == "login")) { include ('login.php'); } elseif((Isset($_GET['page']) AND $_GET['page'] == "logout")) { include ('logout.php'); } elseif((Isset($_GET['page']) AND $_GET['page'] == "cpanel")) { $des = explode("/", $_SERVER['REQUEST_URI']); $_GET['action'] = $des[2]; include ('cpanel.php'); } elseif((Isset($_GET['page']) AND $_GET['page'] == "activate")) { $des = explode("/", $_SERVER['REQUEST_URI']); $_GET['user'] = $des[2]; include ('activate.php'); } elseif (Isset($_GET['page'])) { $des = explode("/", $_SERVER['REQUEST_URI']); $_GET['action'] = $des[2]; $_GET['user'] = $_GET['page']; include ('checkprofile.php'); } else { include ('404.php'); } ?>
config.php (enkel database connectie)
login.php
<?php
function form($error,$user,$pass) {
return "<form action=\"\" method=\"post\">
<font color=\"red\">".$error."</font>
<table border=\"0\"><tr><td>
Gebruikersnaam:</td><td><input type=\"text\" name=\"user\" value=\"".$user."\"></td></tr><tr><td>
Wachtwoord:</td><td><input type=\"password\" name=\"pass\" value=\"".$pass."\"></td></tr>
<tr><td colspan=\"2\"><input type=\"checkbox\" name=\"public\"> <small>Ik gebruik een openbare computer</small>
<br><a href=\"\">Wachtwoord vergeten?</a></td></tr>
<tr><td></td><td><input type=\"submit\" name=\"login\" value=\"Login\"></td></tr>
</table>
</form>\n";
}
if (Isset($_POST['login'])) {
$lquery = mysql_query("SELECT * FROM members WHERE name='" . $_POST['user'] . "'") or die(mysql_error());
$laquery = mysql_query("SELECT * FROM members WHERE name='" . $_POST['user'] . "' AND activate='0'") or die(mysql_error());
$cuser = mysql_fetch_array($lquery);
if (mysql_num_rows($lquery) == "0") { echo form("Gebruikersnaam is niet correct!","",""); }
elseif (mysql_num_rows($laquery) == "1") { echo form("Uw account is nog niet geactiveerd!","",""); }
elseif(strcmp(md5($_POST['pass']), $cuser['password'])) { echo form("Uw wachtwoord is niet correct!",$_POST['user'],""); }
else {
$_SESSION['userid'] = $cuser['id'];
if (empty($_POST['public']) or $_POST['public'] == 0 or $_POST['public'] == "OFF") {
Setcookie("username", $_POST['user'], Time() + 60 * 60 * 24 * 365);
Setcookie("userpass", $_POST['pass'], Time() + 60 * 60 * 24 * 365);
}
Header("location: /cpanel");
}
} elseif (Isset($_COOKIE['userpass']) AND Isset($_COOKIE['username'])) {
$lquery = mysql_query("SELECT * FROM members WHERE name='".$_COOKIE['username']."'") or die(mysql_error());
$cuser = mysql_fetch_array($lquery);
if(strcmp(md5($_COOKIE['userpass']), $cuser['password'])) { echo form("Uw wachtwoord is niet correct!",$_COOKIE['user'],""); }
else {
$_SESSION['userid'] = $cuser['id'];
Header("location: /cpanel");
}
} else {
echo form("","","");
} ?>
<?php function form($error,$user,$pass) { return "<form action=\"\" method=\"post\"> <font color=\"red\">".$error."</font> <table border=\"0\"><tr><td> Gebruikersnaam:</td><td><input type=\"text\" name=\"user\" value=\"".$user."\"></td></tr><tr><td> Wachtwoord:</td><td><input type=\"password\" name=\"pass\" value=\"".$pass."\"></td></tr> <tr><td colspan=\"2\"><input type=\"checkbox\" name=\"public\"> <small>Ik gebruik een openbare computer</small> <br><a href=\"\">Wachtwoord vergeten?</a></td></tr> <tr><td></td><td><input type=\"submit\" name=\"login\" value=\"Login\"></td></tr> </table> </form>\n"; } if (Isset($_POST['login'])) { if (mysql_num_rows($lquery) == "0") { echo form ("Gebruikersnaam is niet correct!","",""); } elseif (mysql_num_rows($laquery) == "1") { echo form ("Uw account is nog niet geactiveerd!","",""); } elseif(strcmp(md5($_POST['pass']), $cuser['password'])) { echo form ("Uw wachtwoord is niet correct!",$_POST['user'],""); } else { $_SESSION['userid'] = $cuser['id']; if (empty($_POST['public']) or $_POST['public'] == 0 or $_POST['public'] == "OFF") { Setcookie("username", $_POST['user'], Time() + 60 * 60 * 24 * 365); Setcookie("userpass", $_POST['pass'], Time() + 60 * 60 * 24 * 365); } } } elseif (Isset($_COOKIE['userpass']) AND Isset($_COOKIE['username'])) { if(strcmp(md5($_COOKIE['userpass']), $cuser['password'])) { echo form ("Uw wachtwoord is niet correct!",$_COOKIE['user'],""); } else { $_SESSION['userid'] = $cuser['id']; } } else { } ?>
cpanel.php
<?php
if (Isset($_GET['action'])) {
switch ($_GET['action']) {
case "changepassword": include ('changepassword.php'); break;
default: include ('cpanelhome.php'); break;
}
} else {
include ('cpanelhome.php');
}
?>
<?php if (Isset($_GET['action'])) { switch ($_GET['action']) { case "changepassword": include ('changepassword.php'); break; default: include ('cpanelhome.php'); break; } } else { include ('cpanelhome.php'); } ?>
changepassword.php
<?php
function form($error) {
return "<form name=\"FormName\" action=\"\" method=\"post\">
<font color=\"red\">".$error."</font><br>
Uw oud wachtwoord: <input type=\"password\" name=\"passo\" value=\"\"><br><br>
Uw nieuw wachtwoord: <input type=\"password\" name=\"pass\" value=\"\"><br><br>
Uw nieuw wachtwoord: <input type=\"password\" name=\"pass2\" value=\"\"> <small>(opnieuw)</small><br><br>
<input type=\"submit\" name=\"submit\" value=\"Wijzig mijn paswoord\">
</form>\n";
}
if (Isset($_POST['submit']) && Isset($_POST['passo'])) {
$passo = md5($_POST['passo']);
$sqlcheck = "SELECT * FROM members WHERE id='".$_SESSION['userid']."' AND password='".$wachto."'";
$querycheck = mysql_query($sqlcheck) or die (mysql_error());
$correctcheck = mysql_num_rows($querycheck);
if ($correctcheck == "1") {
if ($_POST['pass'] == $_POST['pass2']) {
$pass = md5($_POST['pass']);
mysql_query("UPDATE members SET password='".$pass."' WHERE id='".$_SESSION['userid']."'") or die(mysql_error());
echo "Je wachtwoord is succesvol gewijzigd.<a href=\"/cpanel\">Terug naar controlepaneel</a>";
} else {
echo form("Uw wachtwoorden komen niet overeen.");
}
} else {
echo form("Uw oud wachtwoord is niet correct.");
}
} else {
echo form("");
}
?>
<?php function form($error) { return "<form name=\"FormName\" action=\"\" method=\"post\"> <font color=\"red\">".$error."</font><br> Uw oud wachtwoord: <input type=\"password\" name=\"passo\" value=\"\"><br><br> Uw nieuw wachtwoord: <input type=\"password\" name=\"pass\" value=\"\"><br><br> Uw nieuw wachtwoord: <input type=\"password\" name=\"pass2\" value=\"\"> <small>(opnieuw)</small><br><br> <input type=\"submit\" name=\"submit\" value=\"Wijzig mijn paswoord\"> </form>\n"; } if (Isset($_POST['submit']) && Isset($_POST['passo'])) { $passo = md5($_POST['passo']); $sqlcheck = "SELECT * FROM members WHERE id='".$_SESSION['userid']."' AND password='".$wachto."'"; if ($correctcheck == "1") { if ($_POST['pass'] == $_POST['pass2']) { $pass = md5($_POST['pass']); echo "Je wachtwoord is succesvol gewijzigd.<a href=\"/cpanel\">Terug naar controlepaneel</a>"; } else { echo form ("Uw wachtwoorden komen niet overeen."); } } else { echo form ("Uw oud wachtwoord is niet correct."); } } else { } ?>
Maar in changepassword /cpanel/changepassword wordt de session['userid'] niet weergegeven. Wanneer ik een echo doe, doet hij niets.
Maar bij cpanel(home) /cpanel doet hij dat wel. Hoe kan dit?
PS: Sorry voor de lappen code, maar ik dacht dat je met een stuk niets bent
|
Wat is jouw favoriete javascript framework? (S: 18, R: 2)
Gesponsorde links
Actiefste leden van de maand
