This page:
index.php
<?php
// LISTING OF index.php
//include db connect file
require_once("mysql.php");
//include config file
include("config.php");
// first some definitions we will be using.
define("PAYPAL_USER", $paypal_email);
define("PPLINK", "https://www.paypal.com/xclick/business=".
PAYPAL_USER.
"&item_name=ad_subs&item_number=1".
"&amount=10.00&no_note=1¤cy_code=GBP");
// our login form for user logins
$SHOW_LOGIN_FORM = "<br /><br />
<center><form method='post' action='$PHP_SELF'><table>
<tr>
<td>Username: </td>
<td><input name='username' type='text' value=''></td>
</tr>
<tr>
<td>Password: </td>
<td><input name='password' type='password' value=''></td>
</tr>
<tr>
<td colspan='2' align='center'>
<input type='submit' value='log in'>
</td>
</tr>
</table>
</form></center>";
// a function to handle setting cookies.
function sec_setcookie($var, $val, $modify=3600)
{
$exp = gmstrftime("%A, %d-%b-%Y %H:%M:%S", time() + $modify);
$dom = $GLOBALS["HTTP_HOST"];
if (preg_match("/^(.*):(.*)$/", $dom, $arr)) {
print_r($arr);
$dom = $arr[1];
}
$parts = explode(".", $dom);
$dom = ".". $parts[count($parts)-2]. ".". $parts[count($parts) - 1];
setcookie($var, $val, time() + $modify,"/", $dom, 0);
${$var} = $val;
global ${$var};
} //end function
### NOW THE LOGIC
// first see if we have a post
if (isset($_POST['username']) && isset($_POST['password'])) {
$sql = "
SELECT *
FROM users
WHERE username = '$username'
AND password = '$password'
";
$result = mysql_query($sql);
if (mysql_num_rows($result) > 0) {
$info = mysql_fetch_assoc($result);
if ($info[paid] == "1") {
sec_setcookie("username", $username);
sec_setcookie("password", $password);
sec_setcookie("cta_allowed", "yes");
} else if (isset($info[ref]) && $info[paid] == "0") {$ref = $info[ref];
echo"<center><p><font color=red><b>There was an error in your payment</b></font><br />
Please contact: $contact_email quoting REF:$ref as soon as possible.</p></center>";
} else {
echo "<center><font color=red><b>There has been an error.</b></font><br>
Your account has not yet been paid for, <a href=".PPLINK.">CLICK HERE</a> to pay now.</center>";
die();
} //fi
} else {
sec_setcookie("count", $count + 1);
echo "<center><font color=red><b>Error in Login</b></font><br />
Please check your username and password and try again</center><br /><br />";
echo $SHOW_LOGIN_FORM;
if ($count > 3) {
echo "<center><font color=red><b>Too many attempts. Please try again later.</b></font></center><br /><br />";
echo $SHOW_LOGIN_FORM;
} else {
echo $SHOW_LOGIN_FORM;
} //fi
die();
} //fi
} //fi
if($_COOKIE['username'] && $_COOKIE['password']) {
$sql = "
SELECT *
FROM users
WHERE username = '$username'
AND password = '$password'
";
$result = mysql_db_query(DBNAME, $sql);
if (mysql_num_rows($result) == 0) {
# clear the cookies
sec_setcookie("username", "");
sec_setcookie("password", "");
echo $SHOW_LOGIN_FORM;
die();
} //fi
} else {
echo $SHOW_LOGIN_FORM;
} //fi
//The paid for page
if (isset($_COOKIE['cta_allowed'])) {
if ($_COOKIE['cta_allowed'] == "yes") {
// page content here!
echo"YOU HAVE LOGGED IN FINE";
}
}
?>
Produces this error after when it gets to a point of setting cookies:
Warning: Cannot modify header information - headers already sent by (output started at /home/trecollc/public_html/totalr/totalrock.com/mysql.php:7) in /home/trecollc/public_html/totalr/totalrock.com/index.php on line 44
Why does it do this?
mysql.php line 7 is: ?>
TIA
RT
