# The concept of login boxes



## Dariune (Aug 4, 2005)

Hi guys its me again
Sorry to bother you all again (if you feel i am asking too much, having only linkled to the site in return, please let me know) 

I am having a bit of a quandry with the concept of login boxes. I have a site with a vertical navigation bar on the left hand side. 
I need to create a login box that, once logged in, will add an additional link to that navigation bar. 
Now im fairly confident i can create a login box (there are plenty of guides on them dotted arount then net) but i dont understand how it would add a link to the navigation bar which in turn is a part of an unchanging template. 

The only way i can see it working is form e to create a second template with this extra link and duplicate every single page with this new template. This seems like a lot of work. So my question is, is there some way of putting that link in, only when someone is logged in? 

many thanks for any replies
Dariune


----------



## deepdiver01 (Dec 23, 2004)

Hi Dariune.

Sounds to me as if you are ready to tackle a server side language.

What you want to do can be achieved very easily in php or a similar language.

As far as I am aware, if you want to do this in html only, yes, you will need another template.

Unless Javascript can help you. Not up enough on Javascript to help you there though.


----------



## TheRobatron (Oct 25, 2007)

Hi
As DeepDiver said, you will need a server side language like PHP. You will need to generate the menu and then link to it on each page (this may not be the only way, but I think it's the easiest) using the include command in PHP. On each page where you want the menu put:


```
<?php
include "menu.php"
?>
```
You will need to save your webpages as PHP files (.php) to make sure they get parsed. Then in menu.php:


```
<?php
echo "[URL]link1[/URL]"; //etc. Copy your existing navigation bar across.
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
if (!isset($username)) { // If the username has not been sent
// Make a login form
echo "

";
} else {
if ($username = "correct login name" && $passwrod = "correct password") {
echo "extra link";
} else {
echo "Incorrect logon.";
}
}
?>
```
I think that should work.


----------



## MMJ (Oct 15, 2006)

Whats the point of logging on?

Are you using any server side language? Are you using a CMS, blog, etc?


----------



## Dariune (Aug 4, 2005)

Thanks for the repleis guys.

Its funny you mention server side languages because i dabbled a bit in PHP on my website (more stumbled through it admittedly) andn ow im reading an asp.net book with the intent on learning it.

As for why? I will explain. I made a website for my hobby called www.dragonstouch.co.uk 
I stupidly told my boss at work about this and he asked me to create him a website. Which i have done. However because we have some sensetive information and some updates to software we dont want just anyone to access them. (hence the logins needing to be stored in an SQL database so we can remove unwanted people)

As you can see i am a little out of my depth but im trying as hard as i can to learn, both for my boss and for my hobby.

i will try you guys suggested and i genuinly apreciate your help. As soon as i have paid off some work to my house i will be donating, i promise.

May i trouble you all for one more bit of advice?

On my guestbook on my hobby's website (see link above) i keep getting spam. Its getting a little infuriating as they are putting it there faster than i can remove it. 
Now i havent looked on google yet but can any of you point me in the direction of adding a validation form or something along those lines to discourage them?

Sorry to ask before searcvhing google, the idea just came to me.

Lex


----------



## TheRobatron (Oct 25, 2007)

You could use javascript to do some validation (see http://www.yourhtmlsource.com/javascript/formvalidation.html and http://www.w3schools.com/js/js_form_validation.asp) but it's easily bypassed and so would not stop many spammers. You need some kind of server-side validation. http://www.php-mysql-tutorial.com/form-validation-with-php.php has both javascript and PHP validation explained.

If you don't want to code it all yourself, you could use www.mailmyform.com. They have very little advertising and validate all your fields for you (including emails and looking for mail injection).


----------



## Dariune (Aug 4, 2005)

Thanks Robatron  Much obliged 

i absolutely want to code it myself, ive got to learn hehe


----------



## deepdiver01 (Dec 23, 2004)

Why not have a look at some free CMS scripts, such as Joomla, Mambo, php-fusion, CMS Made Simple, etc.

They will have everything there ready to go for you.

They also have the current security holes fixed for the most part, for the time being until someone else finds a new one.

At least it will give you a shortcut to getting your boses site up and running and also an opportunity to have a closer look at code that works.

In regard the guestbook issue, the options you have is to only allow members to post after registering, and/or using a validation systems so bots cannot automate the process, and/or have the posts submitted held in abeyance (that doesn't look right) for approval by you.

Guestbooks in general are notorious for hacker and spam entry points.

BTW. Like your site .Looks great.


----------



## tohm (Jul 15, 2005)

Try snews CMS (http://www.snewscms.com)

It's a very simple 1 file content management system that is fully template independent (meaning you create your template and add a single line of code for things to appear dynamically, like <include menu> type thing. The script itself is fantastic and easy to change and take from etc etc.. Multi-user or single. as is well and suited for what you're doing. Support is fantastic.

Best of all, it's one of my contribution projects!


----------



## Dariune (Aug 4, 2005)

Sorry for the late reply guys. Ive had a manic month.

Anyway i am pulling my hair out trying to incorporate http://recaptcha.net/ to my website to prevent the hidious amounts of spam. Believe it or not i have been working 3 evenings on it so far and havent got very far. I was wondering if any javascript experts might be able to point be in the right direction.

Everything i try either brings up a Recaptcha incorrect code error on the page or a syntax error.

I have highlighted in red the code that relates to the recaptcha script. 
If any of you can help me i would apreciate it more than you know. This is the first time i have felt absolutely helpless in figuring out what i am doing.

As it stands there it says there is an error on line 9 which is $resp = recaptcha_check_answer ($6LdFrQEAAAAAAIgzBulu6cW8Ry6n6gu-wloL4717, but even if i get rid of that i get various errors.

Many many thanks in advance. 
Oh and to deepdiver01, thanks for the compliment 


```
<?php
	session_start();
	
	
	[COLOR="Red"]require_once('recaptchalib.php');
	$publickey = "6LdFrQEAAAAAAMKnIrIzseR6jcIsiULKVp57F51b "; // you got this from the signup page
	require_once('recaptchalib.php');
$privatekey = "6LdFrQEAAAAAAIgzBulu6cW8Ry6n6gu-wloL4717 ";
$resp = recaptcha_check_answer ($6LdFrQEAAAAAAIgzBulu6cW8Ry6n6gu-wloL4717,
                                $_SERVER["REMOTE_ADDR"],
                                $_POST["recaptcha_challenge_field"],
                                $_POST["recaptcha_response_field"]);

if (!$resp->is_valid) {
  die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
       "(reCAPTCHA said: " . $resp->error . ")");
}[/COLOR]



	
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/Template.dwt" codeOutsideHTMLIsLocked="false" --> 
<head> 
<meta name="description" value="Welcome to Dragons Touch, a library of information about the greatest of our minds creations. The Dragon.">
<meta name="keywords" value="Dragon, Dragons, mythology, legend, myth, research, history">

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Dragon's Touch - Home</title>

<!-- InstanceEndEditable -->
<script type="text/javascript" src="dropdowntabs/dropdowntabfiles/dropdowntabs.js">

/***********************************************
* Drop Down Tabs Menu- (c) Dynamic Drive DHTML code library (www.dynamicdrive.com)
* This notice MUST stay intact for legal use
* Visit Dynamic Drive at http://www.dynamicdrive.com/ for full source code
***********************************************/

</script>

<style type="text/css"> 
<!-- 
body { 
    background-color: #000000;
}
-->
</style>
<link href="Stylesheets/DT%20CSS.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
a:link {
	color: #b46633;
}
-->
--> 
</style> 
<link href="Stylesheets/DT%20CSS.css" rel="stylesheet" type="text/css" /> 
<style type="text/css"> 
<!-- 
a:link { 
    color: #b46633; 
} 
.style3 {font-size: medium}
a:visited {
	color: #c24206;
}
a:hover {
	color: #c24206;
}
a:active {
	color: #d01foa;
}
--> 
</style>
<!-- InstanceBeginEditable name="head" --><!-- InstanceEndEditable -->
<link rel="stylesheet" type="text/css" href="dropdowntabs/dropdowntabfiles/slidingdoors.css" />
<style type="text/css">
<!--
.Newstyle {
	color: #b46633;
	font-weight: bold;
}
.style4 {color: #b46633}
.Sidehead {color: #b46633; font-weight: bold; font-size: medium; }

-->
</style>
</head> 

<body> 
<div class="style3" id="outer"> 
    <div id="Header"></div>
	<div id="SecNav">
	  <div id="slidemenu" class="slidetabsmenu">
	
<ul>
<li><a href="index.htm" title="Home"><span>Home</span></a></li>
<li><a href="Dragons.html" title="Dragons" rel="dropmenu1_c"><span>Dragons</span></a></li>
<li><a href="Galleryfiles/Showroom.html" title="Showroom"><span>Artists Showroom</span></a></li>
<li><a title="Community" rel="dropmenu3_c"><span>Community</span></a></li>	
<li><a href="ContactForm.html" title="Contact"><span>Contact Us</span></a></li>
<li><a title="Misc" rel="dropmenu2_c"><span>Misc</span></a></li>
</ul>
</div>


	</div>
	
    <div id="links">
      <div id=news2>
        <p><img src="Images/Headers/news.jpg" alt="News" width="150" height="50" /></p>
        <p class="Sidehead"><u>Diary Trip</u> </p>
        <p align="center">DT will be travelling to Ireland in June for our first Diary trip. We will be studying the celtic building of Newgrange where two strange serpents appear inside. Expect videos, images and essays on the dragons of Newgrange </p>
        <p align="center"><img src="Images/newgrange.jpg" alt="New Grange" width="204" height="117" /></p>
      <hr />
      <a href="http://www.thesorcererslibrary.com" target="_blank"></a></div>
      <div>
	  <p><span class="Sidehead"><strong><u>Mailing List</u></strong></span>      
	  <p>
	    To become involved in Dragons Touch or just to find out what we are up to fill in the form below to join our Mailing list.
	  <form method="post" action="Templates/signup.php">
	<table width="200px">
		<tr>
			<td>
				<b>Name</b>			
			</td>
			<td>
				<input name="name" type="text" size="25" />
			</td>
		</tr>
		<tr>
			<td>
				<b>Email</b>
			</td>
			<td>
				<input type="text" name="email" size="25" />
			</td>
		</tr>
	</table>
    <p>
      <label>
      <input type="submit" name="Submit" value="Submit" />
      </label>
    </p>
	  </form>
</div>
      <p><br />
      </p>
      <p align="left">
      
  </div> 
  
  
    <div id="Main">
      <div align="center">

<!-- InstanceBeginEditable name="Main" -->
<p align="left">
It takes a lot of time to create and maintain a website such as this, not to mention the hours of research that goes into the essays. 
If you enjoyed the site or found it useful is someway please let us know. Its knowing we are on the right track that helps to keep us going. 
<p>
  <?php

	print '
	
		<form method="post" action="guestbook.php">
		
			<table width="100%">
			
				<tr>
				
					<td width="26%" align="right">
						<b>Name</b>					</td>
				
					<td width="74%">
						<div align="left">
						  <input type="text" name="name" size="20" />
		          </div></td>
				
				</tr>
			
				<tr>
				
					<td align="right">
						<b>Email</b>
					</td>
				
					<td>
						<div align="left">
						  <input type="text" name="email" size="20" />
				        </div></td>
				
				</tr>
			
				<tr>
				
					<td align="right">
						<b>Comment</b>
					</td>
				
					<td>
						<div align="left">
						<textarea name="comment" cols="25" rows="5"></textarea>
					</div></td>
				
				</tr>
				
				
				<tr>
				
					<td>
					</td>
				
					<td>
						<div align="left">
							
							[COLOR="red"]echo recaptcha_get_html($6LdFrQEAAAAAAMKnIrIzseR6jcIsiULKVp57F51b );[/COLOR]				        </div></td>
				
				</tr>
			
				<tr>
				
					<td>
					</td>
				
					<td>
						<div align="left">
						  <input type="submit" name="submit" value="Submit" />
				        </div></td>
				
				</tr>
			
			</table>
		
		</form>	
	
	';
	
	require_once 'connectdb.php';
	
	if ( $_POST['submit'] == 'Submit' ) {
		
		$guestbookQuery = 'INSERT INTO guestbook ( Name, Email, Comment, DateStamp ) VALUES ( "' . $_POST['name'] . '", "' . $_POST['email'] . '", "' . $_POST['comment'] . '", "' . time() . '"  )';
		mysql_query( $guestbookQuery, $_SESSION['connect'] );
		
	}
	
	$guestbookQuery = 'SELECT * FROM guestbook ORDER BY datestamp DESC' ;
	$guestbookRecord = mysql_query( $guestbookQuery, $_SESSION['connect'] );
	
	while ( $guestbookRow = mysql_fetch_array( $guestbookRecord ) ) {
		
		print '
		
				<div style="text-align: left; width: 90%;><table border="0">
					<tr>
						<td>
							<div align="left">' . $guestbookRow['Name'] . '
					    </div></td>
						<td>
							<div align="left">' . date('Y/m/d H:i' , $guestbookRow['DateStamp'] ) . '
					    </div></td>
					</tr>
					<tr>
						<td colspan="2">
							<div align="left">' . $guestbookRow['Comment'] . '
					    </div></td>
					</tr>
				</table></div>
				<br />
		
		';
		
	}

		

?>
<!-- InstanceEndEditable --></div>
```


----------



## deepdiver01 (Dec 23, 2004)

Hi Dariune.

Just looking at it quickly, the glaring problem is that the echo for the captcha on your page is not enclosed in <?php ?> tags.

Now, your page extension will have changed to be .php instead of .html to start with.

You will have to enclose both the require and echo in those tags, like this


```
<?php
echo recaptcha_get_html($6LdFrQEAAAAAAMKnIrIzseR6jcIsiULKVp57F51b );
?>
```
REMEMBER.
Once you have changed the file extension, you will have to change all your navigation on the pages to .php instead of html.

In fact, now that you will have .php there, it will open up a lot of fantastic time saving tasks
such as navigation. You will be able to have 1 file for all your navigation details and only ever have to edit 1 file to change the whole site.

Deep.


----------



## Dariune (Aug 4, 2005)

Hi Deepdiver, thanks for your quick reply  

Its already a .php file but i havent wrapped the echo in php tags. Having said that the Resp ... is wrapped in php tags. Well that whole bundle of code is so do i still need to wrap it in more php tags or am i missing something incredibly obvious?

OPh i should also mention that there is more to that page but its only HTML and nothing which is directly relevant to this situation but if you need me to post it i can.


----------



## deepdiver01 (Dec 23, 2004)

Where is 'recaptchalib.php'?

Is it in the same folder as your message file? That is the path at the moment.

Apart from those 2 things, I cannot see anything wrong with the code shown.


----------



## Dariune (Aug 4, 2005)

It is in the same folder. I did have it in the folder ../Captcha/'recaptchalib.php' but i changed it to see if that would fix it.

I have it online here (i havent yet made the changes you suggested) http://www.dragonstouch.co.uk/guestbook.php im currently getting this message The reCAPTCHA wasn't entered correctly. Go back and try it again.(reCAPTCHA said: incorrect-captcha-sol) but i think i have it pasted in there correctly.

Does that help at all?


----------



## Dariune (Aug 4, 2005)

Ok, not to worry, i was trying to see if anyone was able to fix this one (their support forums are pretty much inactive) but i will go in search of another, more user friendly, image verification. 

Many thanks for trying Deepdiver. I apreciate your help.


----------



## deepdiver01 (Dec 23, 2004)

Hi Dariune.

Sorry I couldn't get back to you before. Blokes gotta sleep

I had a look at recaptcha.net. There are so many things that have to be done on their site that I suspect some of which wil be in encrypted. Shame they do not have much support. Not like here eh?

I downloaded Captcha ZDR last night and had a quick look at it. It was too late to do much with it but it seems that it is pretty straight forward. Mind you, googling captcha came up with a heap of options.

Sorry I couldn't be of more help.

Deep.


----------

