Forums: access to database after next payment date expires - Forums

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

access to database after next payment date expires

#1 User is offline   jasp 

  • Member
  • PipPip
  • Group: Members
  • Posts: 11
  • Joined: 12-November 08

Posted 09 March 2009 - 03:11 AM

Hi,

my members site has an annual and 6 month options. To test what happens when the next payment date expires I changed the date on a test member account. I can still acces the databse even though the payment date is two days ago.

Does this mean that once the member hads a password they have access until I untick the paid check box myself or is this just because I have changed the payment due date manually?

Thanks,

Steve
0

#2 User is offline   Jane 

  • Advanced Member
  • PipPipPip
  • Group: Admin
  • Posts: 7495
  • Joined: 13-June 06

Posted 12 March 2009 - 02:00 PM

Steve,

It's difficult to tell you what's happening without seeing actual files.

Please publish your project on Demo Account and open a ticket at http://support.xlinesoft.com sending a URL to your pages along with instructions on reproducing this error.
best regards,
Jane Endaltseva
e-mail: support@xlinesoft.com
0

#3 User is offline   wypman 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 43
  • Joined: 10-June 08

Posted 28 March 2009 - 12:30 AM

View PostJane, on Mar 12 2009, 02:00 PM, said:

Steve,

It's difficult to tell you what's happening without seeing actual files.

Please publish your project on Demo Account and open a ticket at http://support.xlinesoft.com sending a URL to your pages along with instructions on reproducing this error.


I have experienced exactly the same problem. I changed the beginpay to 2008-01-02 and the end pay to 2009-01-02, Paypal was set to a value of 1, but it still let me login. What checks to see if it has expired?

I presume its in this part of the function AfterSuccessfulLogin code:

global $conn;
global $dal;
$rs = $dal->memusers->Query("Username='" . $username . "' and Password='" . $password . "'","");
$data1 = db_fetch_array($rs);
//$tmpSQL="select * from memusers where Username='" . $username . "' and Password='" . $password . "'";
//$rs = db_query($tmpSQL,$conn);
//if($data1 = db_fetch_array($rs))
if($data1)
{
	$begindate=$data1["Beginpay"];
	$enddate=$data1["Endpay"];
	$_SESSION["ppuid"]=$data1["ID"];
	if($data1["Paypal"]==0)
	{
		header("Location: login.php?a=pp0");
		exit();
	}
	if(strtotime($enddate)-strtotime($begindate)!=0 && (strtotime($enddate)-strtotime($begindate))/(60*60*24)<0)
	{
		header("Location: login.php?a=pp1");
		exit();
	}
}

0

#4 User is offline   Jane 

  • Advanced Member
  • PipPipPip
  • Group: Admin
  • Posts: 7495
  • Joined: 13-June 06

Posted 31 March 2009 - 12:00 PM

Thank you for pointing me to this bug.
We'll fix it in the next update.

Here is the correct code:

Quote

if(strtotime($enddate)-strtotime($begindate)!=0 && (strtotime($enddate)-strtotime("now"))/(60*60*24)<0)
{
header("Location: login.php?a=pp1");
exit();
}

best regards,
Jane Endaltseva
e-mail: support@xlinesoft.com
0

#5 User is offline   wypman 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 43
  • Joined: 10-June 08

Posted 05 April 2009 - 09:52 AM

View PostJane, on Mar 31 2009, 01:00 PM, said:

Thank you for pointing me to this bug.
We'll fix it in the next update.

Here is the correct code:

Quote

if(strtotime($enddate)-strtotime($begindate)!=0 && (strtotime($enddate)-strtotime("now"))/(60*60*24)<0)
{
header("Location: login.php?a=pp1");
exit();
}


Thanks for that Jane I'll give it a try..
0

Page 1 of 1
  • You cannot start a new topic
  • This topic is locked