Sei sulla pagina 1di 1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.

dtd">
<html>
<head lang="en">
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<meta name="robots" content="noindex,nofollow">
<meta name="Description" content="test page for user login screening of a forum create thread system in
early stages of process design">
<meta name="Keywords" content="">
<meta name="Author" content="Samuel A Marchant nicephotog@gmail.com 2009">
<title>create thread wild-canidae-conservation-forum.netne.net</title>
<!-- <link href="CSS-FILE-NAME.css" type="text/css" rel="stylesheet"> -->
</head>
<body id="" style=":;">
<!--
created by SUcommanderXer Last Pre Beta www.nicephotog-jsp.net
This php page script name: "createbean.php" is an adaptation of the in-page php - MySQL
logged-in screening userbean from the now no longer, www.nicephotog-jvm.net site that is
superceded by the www.nicephotog-jsp.net site.
-->
<?
if(!isset($HTTP_GET_VARS['usern'])){
# print message here or return to index or message page e.g. location: header re: login and no
password
}else{
# now setup database link to check login and postID's etc
# THE SCRIPT HERE is FOR EMBEDDING IN THE PAGES THAT ARE USED AFTER LOGIN
# make php heredoc
$formhtm = <<<FRMD
<form name="createthread" action="create.php" method="POST">
<input name="createname" type="text" size="100" value="">
<textarea name="createinf" cols="100" rows="20" value=""></textarea>
<input name="createsend" type="button" value="start thread">
<input name="usern" type="hidden" value="$val_name">
</form>
FRMD;
$val_name=$HTTP_GET_VARS['usern']; # to be from the $get-var
# $val_name=$HTTP_GET_VARS['pssw']; #
# test url http://wild-canidae-conservation-forum.netne.net/createbean.php?usern=nicephotog
# set the column to choose from in the query condition for comparison
$col_name="namescolumn"; # column name
# ready the loop as running
$checkbool=1;
# ready db connection
$dbqy = mysql_connect("mysql.host.somewhere.com","SOMEdbUSERNAME","s0m1ep2a3s4s5w6o7d"); # 3306 is the
default port
# or die('Signup script signup.php did not connect to database',''.mysql_error()); #
# select the db and open db connection
mysql_select_db('DATABASEnameTOuse',$dbqy);
# build the query command line with the recieved information from the ?URL
$sqlqry = 'select if('.$col_name.'=\''.$val_name.'\',\'USEREXISTS\',\'NOUSENAME\') from tableNAMEtoUSE
where ('.$col_name.'=\''.$val_name.'\' || '.$col_name.'=\'anonymous\')';
# "anonymous" is a dummy in the namescolumn
# commit the query
$sql_entry_status = mysql_query($sqlqry,$dbqy);
$template='USEREXISTS'; # comparitor in the IF statement that we want to find
#
while(($rw = mysql_fetch_array($sql_entry_status,MYSQL_NUM)) && ($checkbool!=0)){ ## terminate when user
found
## print($rw[0]."\n"."\n"."<br>");
if(!eregi(($template."+"),$rw[0])){ # commit a regex function that returns a boolean to find the user
$checkbool=1; # this remains if no user is found
}else{
$checkbool=0; # stop the loop and allow the process below to proceed
} #enels
} # enwhl
#
if($checkbool==1){ # terminate the script NO ACCEPTABLE USER PARAMETERS WERE FOUND
print("You do not appear to be listed in the database , Please sign up to use this site");
mysql_free_result($sql_entry_status);
mysql_close($dbqy);
exit();
}
mysql_free_result($sql_entry_status);
mysql_close($dbqy);
#
if($checkbool==0){
print($formhtm);
}else{
print("the information does not appear to be valid");
}
}
# end if is not isset
?>

</body>
</html>

Potrebbero piacerti anche