I'm attempting the same thing on Yahoo! using PHP and MySQL.
I have several questions also. In MySQL there are built in tables for user / db / tables etc... that allow certain capability. I haven't done anything with these.

I have created a database called member and added member and login tables.

I have the form made out with username and login ready.

I have some of the php made to send to fill out a registration form.

My underlying question is the same as yours. How do I protect the database and what directory do I keep the php files in. If I put the php files in a password protected database then I would have to give every member permission to use it so then it wouldn't work. The Yahoo! area is unrelated to the mysql permissions I guess.

I am considering having a bulk table that has all the information fields that they will fill out. And then have a separate table that is cleaned up with cleaned data that they cannot access directly.

There is also the matter of wanting to give permission to some members to be able to search the database etc...

Fun though...

dogstar

Okay, I have figured out part of my problem.

In the header of my index is a login link. Logging in via this link will put a "welcome $username" ; in the header as well as a logout link. If you log in this way, everything is kosher.

If you are not logged in and you try to visit one of the members only pages you are redirected to the login page, the same one linked to from the header. If you login this way, the session starts as usual but the header still displays the older "login, register" links and does not reflect that the user is logged in.

How do I change this to allow the user to log in via the redirected link and then display the logged in username and logout link in the header?

Make sure your "page header" code is consistent on every page you want to recognize a member... every page

Just to clarify, under the design of the "Complete Members System" article, to protect member only pages at the top of your script add the following code:

Code:

are you writing out the page header and then processing the login form? if so, the user isn't logged in yet when you write out the header...

Alright, spontaneous remission of symptoms.

Cleared some cookies and all works well.

Whodathunkit.

**Update**
Got it to work...
require_once($_ SERVER['DOCUME NT_ROOT'].'/d b_connect.php' ); //given code

require_once(.. /webroot/db_con nect.php'); //code modified for my root

I would recommend for the total noobes, inluding myself some sort of more consistent declaration of such required modifications.. .
unless I am missing something ?!
**end update**



I am running WAMP on localhost

you then said to use this..

require_once($_ SERVER['DOCUME NT_ROOT'].'/c onnect.php'); to connect to the server..

however, is _SERVER['DOCUM ENT_ROOT'] the actual value or do I need to put my own info in here...
I have finished the tut and tried the code... doesn't look like it is working to me... trying to figure out why...

Thanks for the clarification..
Duece

Duece,
the $_SERVER['DOCU MENT_ROOT'] variable displays the document root of your website, I believe sometimes called the absolute path or full path. An example may be something like: /user/home/bin/ yoursite/ - I don't know, but that is how you need to call the script. Place the code to connect to the database ina central file (db_connect.php ), and when you need to connect, just use require_once(); to include the connection code and it will connect (if given the proper parameters within the file).

Other than that, if you're experiencing any specific problems post the PHP error and the line of code that is causing the error and we can try and help you out the best we can. Thanks for reading the article.

**update** fixed it... amazing what that little php will do after the <?

missed the one at <form name="sig nup" action="& lt;?$_SERVER[' PHP_SELF']; ?>" method="P OST">< br />

Well that is cool... I had tried about a dozen times to fix it, posted, then 15 more tries, after various tries at things...
Glad it is working..
very cool..
Now I just need to take the modules and put them all together into a quick demo/working site...

D

  bs0d said...

< i> Make sure your "page header" code is consistent on every page you want to recognize a member... every page

Just to clarify, under the design of the "Complete Members System" article, to protect member only pages at the top of your script add the following code:
<BR><f ont size=1><u >Code:</u ><BR>& lt;div name="div _box" class="di vCode"> ;
if($_SESSION[' logged_in'] == 0)
die("You must be a member or logged in to view this page.";

put that on your member only page, not in the page_header. If its in the page_header, every visitor (and members that didnt click 'remember me') that comes to the site will get the error because they dont have the opportunity to sign-in.