Comments (15)
commented on July 20, 2024
this script does not handle it. however, you can edit the database. personaly i use phpmyadmin for this. its simple and there a lot of info in the internet about it.
from huge.
riefkhy
commented on July 20, 2024
thanks for the reply, but do you think can we give authorise for user to edit their own account?
from huge.
commented on July 20, 2024
Phpmyadmin in a database administrator tool. You don't want your users in! And PHP-Login can't do it. So, unless someone commit a peice of code that do it, it's a sad no.
from huge.
mihas7f
commented on July 20, 2024
Hi
Paste code below in to your logged_in.php page and now we just need to find out hout to EDIT data we just GET from mysql
<!--//////////////////////// START User Profile Page //////////////////////////////////////-->
<div style="position:absolute; top:25%; left:25%;padding:10px; background-color:#fff; box-shadow: 0 1px 5px rgba(0, 0, 0, 0.25); width:600px; height:305px">
<div style="position:absolute;left: 10px; padding: 5px; width: 95%;magrin-left: 50px; background:#c9c9c9;">
<form method="post" action="index.php?register" name="registerform" id="registerform" style="padding-left:30px;">
<div class="login" style="height:250px;">
<div id="login_avatar_wrapper" style="width: 125px; height: 250px; float:left; margin:0;">
<div id="login_avatar" class="standard_avatar" style="width: 125px; height: 125px; float:left; margin:0;">
<!--<img id="login_avatar" src="views/img/ani_avatar_static_01.png" style="width:125px; height:125px;" />-->
</div>
<div style="width: 124px; height: 125px; float:right; margin:0; border-right: 1px solid #e6e6e6;">
</div>
</div>
<div style="width: 250px; height: 125px; float:left; margin:0;">
<div style="width: 250px; height: 62px; float:left; margin:0; border-bottom: 1px solid #e6e6e6;">
<input id="login_input_username" class="login_input" type="text" name="user_name" value="<?php echo $_SESSION['user_name']; ?>" />
</div>
<div style="width: 250px; height: 61px; float:left; margin:0; border-bottom: 1px solid #e6e6e6;">
<input id="login_input_email" class="login_input" type="text" name="user_email" value="<?php echo $_SESSION['user_email']; ?>" />
</div>
</div>
<div style="width: 124px; height: 250px; float:left; margin:0; border-left: 1px solid #e6e6e6;">
<div class="login_submit_register">
<input type="submit" name="register" style="width:124px; height:250px; padding-top: 60px; text-align: center; font-size:11px; font-family: 'Droid Sans', sans-serif; color:#666666; border:0; background: transparent; cursor: pointer;" value="Register" />
</div>
</div>
</div>
<div style="width:500px; height: 40px; line-height: 40px; text-align: right; color:#ccc; font-size:11px; font-family: 'Droid Sans', sans-serif; ">
<a class="login_link" href="index.php">Back to Login Page</a>
</div>
</form>
</div>from huge.
riefkhy
commented on July 20, 2024
ok i customized the page already :)
thanks for the help. hmmm what should I do to make user able to edit their data
thank you v much
from huge.
commented on July 20, 2024
it shoud create a new file and include it on request like index.php?edit_user
For the backend, Its more complex. but you can hack and reproduce/adapt what have already been made on the register process. But be shure to NOT allow unloged user to edit stuff! and user edit other user stuff.
Im waiting to see my pull request accepted or denided after, i will work on that and nonce. (Poking Panique :P)
from huge.
riefkhy
commented on July 20, 2024
so i have to add some script to login_class.php and make new php file named user_edit or kinda. or just put it on logged_in.php since logged_in.php only accessable by logged in user?
from huge.
riefkhy
commented on July 20, 2024
i just need php mysql query for update data.. anyone? thanks,,
from huge.
panique
commented on July 20, 2024
@riefkhy can you rewrite that sentence, i dont know what you mean
from huge.
riefkhy
commented on July 20, 2024
@panique I wrote so many comments, can you clarify which sentence in which comment?
anyway, I would like to add a page for logged in user to edit their information e.g password, email.
I also added some fields e.g firstname,lastname,phone.
Now, I am stuck at user edit page, where if I hit edit information button, nothing happened.
Here is the function of edit data I tried : (I put this in Login.class.php)
private function editUserData() {
if (($_POST['edit_user_password_new'] == $_POST['edit_user_password_repeat']) && ($_SESSION['user_email'] != $_POST['edit_user_email'])) {
// escapin' this
$this->edit_user_name = $this->connection->real_escape_string($_POST['edit_user_name']);
$this->edit_user_password = $this->connection->real_escape_string($_POST['edit_user_password_new']);
$this->edit_user_password_repeat = $this->connection->real_escape_string($_POST['edit_user_password_repeat']);
$this->edit_user_email = $this->connection->real_escape_string($_POST['edit_user_email']);
$this->edit_countryArea = $this->connection->real_escape_string($_POST['edit_countryArea']);
$this->edit_phone = $this->connection->real_escape_string($_POST['edit_phone']);
$this->edit_first_name = $this->connection->real_escape_string($_POST['edit_first_name']);
$this->edit_last_name = $this->connection->real_escape_string($_POST['edit_last_name']);
$this->edit_month = $_POST['edit_month'];
$this->edit_day = $_POST['edit_day'];
$this->edit_year = $_POST['edit_year'];
$edit_date = date("Y-m-d", mktime(0,0,0,$this->month, $this->day, $this->year));
$this->edit_gender = $this->connection->real_escape_string($_POST['edit_gender']);
$this->edit_country = $this->connection->real_escape_string($_POST['edit_country']);
$edit_phonenumber = $_POST['edit_countryArea'] . $_POST['edit_phone'];
// cut data down to max 64 chars to prevent database flooding
$this->edit_user_name = substr($this->user_name, 0, 64);
$this->edit_user_password = substr($this->user_password, 0, 64);
$this->edit_user_password_repeat = substr($this->user_password_repeat, 0, 64);
$this->edit_user_email = substr($this->user_email, 0, 64);
$this->edit_phone = substr($this->phone, 0, 15);
$this->edit_first_name = substr($this->first_name, 0, 15);
$this->edit_last_name = substr($this->last_name, 0, 15);
// generate random string "salt", a string to "encrypt" the password hash
// this is a basic salt, you might replace this with a more advanced function
// @see http://en.wikipedia.org/wiki/Salt_(cryptography)
function get_salt($length) {
$options = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./';
$salt = '';
for ($i = 0; $i <= $length; $i ++) {
$options = str_shuffle ( $options );
$salt .= $options [rand ( 0, 63 )];
}
return $salt;
}
////////////////////////////////////////////////////////////////////////////////////////////////////////////////
$max_salt = CRYPT_SALT_LENGTH;
//blowfish hashing with a salt as follows: "$2a$", a two digit cost parameter, "$", and 22 base 64
//here you can define the hashing algorithm.
//@see: php.net/manual/en/function.crypt.php
$hashing_algorithm = '$2a$10$';
//get the longest salt, could set to 22 crypt ignores extra data
$salt = get_salt ( $max_salt );
//append salt2 data to the password, and crypt using salt, results in a 60 char output
$this->user_password_hash = crypt ( $this->edit_user_password, $hashing_algorithm . $salt );
$query_check_user_name = $this->connection->query("SELECT * FROM users WHERE user_name = '".$this->edit_user_name."'");
if($query_check_user_name->num_rows == 1) {
$query_edit_user = $this->connection->query("UPDATE users SET first_name, last_name, user_name, user_email, user_password_hash, phone, birthday, gender, country = '".$this->edit_user_name."', '".$this->edit_user_password_hash."', '".$this->edit_user_email."', '".$edit_phonenumber."', '".$this->edit_first_name."', '".$this->edit_last_name."', '".$edit_date."', '".$this->edit_gender."', '".$this->edit_country."' WHERE user_name = '".$this->user_name."';");
} else {
$this->errors[] = "Fatal Error";
if ($query_edit_user) {
$this->messages[] = "Your account was successfully edited.<br/>Please <a href='index.php' class='green_link'>click here to go back to Main Menu</a>.";
$this->registration_successful = true;
} else {
$this->errors[] = "Sorry, your registration failed. Please go back and try again.";
}
}
}
}
from huge.
riefkhy
commented on July 20, 2024
sorry for the messed up comment I just made, I dont know how to make it neater.
(Fixed it) thanks you:)
from huge.
panique
commented on July 20, 2024
@riefkhy Sorry, i meant the last one. Cannot figure out what you want to say...
from huge.
riefkhy
commented on July 20, 2024
@panique answered though, I meant this part
$query_edit_user = $this->connection->query("UPDATE users SET first_name, last_name, user_name, user_email, user_password_hash, phone, birthday, gender, country = '".$this->edit_user_name."', '".$this->edit_user_password_hash."', '".$this->edit_user_email."', '".$edit_phonenumber."', '".$this->edit_first_name."', '".$this->edit_last_name."', '".$edit_date."', '".$this->edit_gender."', '".$this->edit_country."' WHERE user_name = '".$this->user_name."';");
is it correct?
from huge.
sjaaklauwers
commented on July 20, 2024
@riefkhy Why do you want to add user data management functionality into login functionality? Makes no sense to me at all. Better to seperate the two and NOT to add it into the class login. Giving the (registered) user the ability to change his/her username, password, etc. has nothing to do with giving the (registered) user the ability to login.
Same holds for the registering part of this script. An improvement would be to seperate the registering part from the class login and move it to some other class like class user.
One should keep in mind the difference between login functionality and (user) data management. The first is about permissions regarding (parts of) an application, the second is about data management (create, read, update, delete) regardingone or more data collections.
from huge.
panique
commented on July 20, 2024
Coming up in the 2-advanced version of the script.
from huge.
Related Issues (20)
- [QUESTION] PostgreSQL HOT 4
- MySQL connection error HOT 3
- [NOTE] bootstrap.sh HOT 1
- ❤ ! HOT 1
- Changes for Postgres
- Calling model on view?
- Session validation improvement
- Q
- Configuration files
- Configuration files HOT 5
- New user registration issue
- A question about data sent to the view from the controllers HOT 1
- in the encryption.php file HOT 1
- Pagination Class
- Agregar AJAX al proyecto
- Trying to get in touch regarding a security issue HOT 4
- ErrorController redeclaration HOT 2
- PHP code analizing does not work. HOT 3
- Connection problems with MySql (MariaDb)
- Contact details
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from huge.