A big project help

[Aravinthan]

Hi, I am making a website for a robot competition for my school. As I am the only one in my school(as only the students can build the site) who knows how to code, I been given the title of Website Captain. I already started working on it, and I have been thinking that it would be great to have logging in features and stuff. Altho I already know some php and mysql coding I would need help. Here the main things that I would like to have help with.
- A login system with different access level. For exemple member, can only view the pages, mods and admins.
- Here is the part I find the most difficult. As we are like 5 in our team, and I dont want to work all alone... I was thinking that it should be possible to create a system where my teammates would be mods and that they would be able to update the main page and the news..... Is it possible?
- I want to create a user level for juges, I want them to have access to all of the site, except they cant update the news and main page.
- And finally I would like to have a guestbook synchronised with the login feature. What I mean by that is, when someone named, for exemple, Chris is logged in, when he wants to leave a comment via the guestbook, the name, email is automatically updated.... I aint sure if its possible....


Thanks for your help,
Ara

[xPlozion]

yes, it's all possible.
1. have different access codes. 0 for member, 1 for admin, 2 for mod, 3 for judge, etc...
2. going off what's above, if ($user_level == '1' || $user_level == '2') {
3. same concept as #2.
4. I don't know what you mean by email is automatically updated, but store the userid by cookies, then post the userid into the guestbook table, then select the username from the user table with the id of the userid set in the guestbook table.

If you need more explanation, then just ask.

-xP

[Aravinthan]

Like as I said , I am not ver familiar with php. But I am willing to learn, if you can give some step-by-step tutorial how to create those feature, it would be really great..... Dont have to give me little details, as I already worked with PHp and all, but like what should be placed in mysql table? user, email, access level? And How can use the access codes? And What I mean by mods being able to update, is that no one else in my team can use php nor html, so how can I ease up their work?
Thanks for your quick reply and your interst,
Ara
Edit:
I been working on the log-in feature and found a great tutorial:
http://www.evolt.org/PHP-Login-Syste...Admin-Features
I did all the changes and all, but when I try to run I get this error:

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/ara/public_html/index.php:6) in /home/ara/public_html/include/session.php on line 46

Here is the website:
http://saintmaxime.x10hosting.com/

[xPlozion]

OK, I understand. I'll start by the MySQL DB Layout.

Code:

TABLE:
  users
FIELDS:
  uid, int(4), not null, auto_increment, primary // max user limit: 9999 users
  username, varchar(255), not null
  password, varchar(40), not null
  email, varchar(255), null // allow there to be no email attached w/ the username. change it to not null to make it required
  access_lvl, int(2), not null, default (0) // 0: unprivelaged, max level:99

With the table setup as above for the user setup, we can then get on w/ the rest of it.

a couple of examples are:

PHP Code:

<?php
//==============================
// Script By: James Burke (xPlozion)
// Website: http://www.ccheater.uni.cc
// File: ~/public_html/login.php
//
// This script allows a user to login.
//==============================

define('INSITE', TRUE);
require './user_check.php';

if (!defined('LOGGED_IN')) {

if (isset($_POST['login'])) {
  if (!empty($username) && !empty($password)) {
    $username = mysql_real_escape_string($_POST['username']);
    $password = sha1($_POST['password']);
    $result = mysql_query('SELECT uid FROM users WHERE username=\''.$username.'\' AND password=\''.$password.'\' LIMIT 1');
    if (mysql_num_rows($result) !== 0) {
      list($uid) = mysql_fetch_row($result);
      setcookie('uid', $uid, time()+3600, '/');
      setcookie('password', sha1('logged_in'.$password), time()+3600, '/'); // re-encrypts the password so the db password and the cookie password aren't the same
    } else {
      echo 'The username/password combination does not exist.<br /><br /><a href=\'javascript:history.go(-1)\'>Go back</a>';
    }
  } else {
    echo 'Your username or password was empty.<br /><br /><a href=\'javascript:history.go(-1)\'>Go back</a>';
  }
} else {
?>
<form action='?login' method='post'>
  <fieldset>
    <input name='username' type='text' /> Username<br />
    <input name='password' type='password' /> Password<br /><br />
    <input name='login' type='submit' value='Login' />
  </fieldset>
</form>
<?php
}

} else {
  echo 'You are already logged in.<br /><br /><a href=\'javascript:history.go(-1)\''>Go back</a>';
}
?>

PHP Code:

<?php
//=========================
// Script By: James Burke (xPlozion)
// Website: http://www.ccheater.uni.cc
// File: ~/public_html/user_check.php
//
// This script checks to see if the user
// is logged in and sets the access level.
//
// Require this script on any page you want
// to confirm a users credentials on.
//=========================

if (!defined('INSITE'))
  exit('Hacking Attempt');

// db.php is located at ~/db.php, in the root directory where 
// the folder public_html is located
require '../db.php';

if(!empty($_COOKIE['uid']) && !empty($_COOKIE['password'])) {
  $uid = mysql_real_escape_string($_COOKIE['uid']);
  $password = $_COOKIE['password'];
  $result = mysql_query('SELECT password, access_lvl FROM users WHERE uid=\''.$uid.'\' LIMIT 1');
  list($db_password, $access_lvl) = mysql_fetch_row($result);
  if (sha1('logged_in'.$db_password) == $password) {
    define('LOGGED_IN', TRUE);
    define('ACCESS_LVL', $access_lvl);
  }
}
?>

That's the very basics as of right now. As far as I can tell, everything should work, so if something doesn't work, then just let me know.

Remember that +REP or donated credits is always appreciated ;)
-xP

[Aravinthan]

I got it working with another tutorial Plozian, thanks tho. But know I am stuck here:
Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in /home/ara/public_html/userinfo.php on line 114
And here is my code:

Code:

<?php include("include/session.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/index.dwt" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Saint-Maxime, CRC Robotique</title>
<!-- InstanceEndEditable -->
<script type="text/javascript" >
<!--
function ctRoster(usrName)
{

	var div = document.getElementById("roster_data");
	var textnode = document.createTextNode(usrName);
	div.appendChild(textnode);
}
function ctRosterClean()
{
	var label = document.getElementById("roster_data")
 	while( label.hasChildNodes() ) { label.removeChild( label.lastChild ); }
}
// -->
</script>
<link rel="stylesheet" type="text/css" href="style.css" />
<!-- InstanceBeginEditable name="head" --><!-- InstanceEndEditable -->
</head>
<!--	CODED BY OPSERTY.COM
		ALL RIGHTS RESERVED
		COPYRIGHT CLANTEMPLATES.COM 2006
-->
<body>

<!-- Main wrapper -->
<div id="wrap">
	<div id="header">
		<div id="innerheader">
		<?php include("menu.php"); ?>
		</div>

	</div>

	<div id="content">
		<div class="side_column">
					<?php include("news.php"); ?>

					<?php include("search.php"); ?>
<h1>Membres<small>Enligne</small></h1>

<?php include("online.php"); ?>


		</div>





		<!-- END LEFT COLUMN -->
		<div id="middle" >
			<div id="division_select">
			<?php include("groupes.php"); ?>
			</div>

			<h1>Bienvenue sur notre Site</h1>
			<!-- ENTER MAIN CONTENT HERE -->
			<!-- InstanceBeginEditable name="Main content1" -->
			<div class="content">
				<?
				/* Requested Username error checking */
				$req_user = trim($_GET['user']);
				if(!$req_user || strlen($req_user) == 0 ||
				   !eregi("^([0-9a-z])+$", $req_user) ||
				   !$database->usernameTaken($req_user)){
				   die("Username not registered");
				}

				/* Logged in user viewing own account */
				if(strcmp($session->username,$req_user) == 0){
				   echo "<h1>My Account</h1>";
				}
				/* Visitor not viewing own account */
				else{
				   echo "<h1>User Info</h1>";
				}

				/* Display requested user information */
				$req_user_info = $database->getUserInfo($req_user);

				/* Username */
				echo "<b>Username: ".$req_user_info['username']."</b><br>";

				/* Email */
				echo "<b>Email:</b> ".$req_user_info['email']."<br>";

				/**
				 * Note: when you add your own fields to the users table
				 * to hold more information, like homepage, location, etc.
				 * they can be easily accessed by the user info array.
				 *
				 * $session->user_info['location']; (for logged in users)
				 *
				 * ..and for this page,
				 *
				 * $req_user_info['location']; (for any user)
				 */

				/* If logged in user viewing own account, give link to edit */
				if(strcmp($session->username,$req_user) == 0){
				   echo "<br><a href=\"useredit.php\">Edit Account Information</a><br>";
				}

				/* Link back to main */
echo "<br>Back To [<a href="http://forums.x10hosting.com/programming-help/index.php">Main</a>]<br>";
?>
		    </div>
		    </div>

		<div class="side_column" id="right">
			<?php include("log.php"); ?>
			<h1>Web Designers<small>/ codeurs</small></h1>
			<div id="roster">
				<?php include("roster.php"); ?>

			</div>

		</div>



	<div id="footer">
		<?php include("copyright.php"); ?>
	</div>
</div>
<!-- / main wrapper -->
</body>
<!-- InstanceEnd --></html>

and there is another page that aint working, but this is, I think more important.
Thanks for your help,
Ara

[xPlozion]

on line 114, you have:

PHP Code:

echo "<br>Back To [<a href="http://forums.x10hosting.com/programming-help/index.php">Main</a>]<br>"; 


the proper code would be

PHP Code:

echo "<br>Back To [<a href='http://forums.x10hosting.com/programming-help/index.php'>Main</a>]<br>"; 


or

PHP Code:

echo "<br>Back To [<a href=\"http://forums.x10hosting.com/programming-help/index.php\">Main</a>]<br>"; 


-xP, and btw, it's pronounced explosion ;)

[Aravinthan]

THanks alot, explosion xD
HEre is the other problem, this is one is when I am trying to view the admin center:
Error:Parse error: syntax error, unexpected $end in /home/ara/public_html/admin/admin.php on line 344

Code:

<?php include("include/session.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/index.dwt" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Saint-Maxime, CRC Robotique</title>
<!-- InstanceEndEditable -->
<script type="text/javascript" >
<!--
function ctRoster(usrName)
{
	var div = document.getElementById("roster_data");
	var textnode = document.createTextNode(usrName);
	div.appendChild(textnode);
}
function ctRosterClean()
{
	var label = document.getElementById("roster_data")
 	while( label.hasChildNodes() ) { label.removeChild( label.lastChild ); }
}
// -->
</script>
<link rel="stylesheet" type="text/css" href="style.css" />
<!-- InstanceBeginEditable name="head" --><!-- InstanceEndEditable -->
</head>
<!--	CODED BY OPSERTY.COM
		ALL RIGHTS RESERVED
		COPYRIGHT CLANTEMPLATES.COM 2006
-->
<body>
<!-- Main wrapper -->
<div id="wrap">
	<div id="header">
		<div id="innerheader">
		<?php include("menu.php"); ?>
		</div>
	</div>

	<div id="content">
		<div class="side_column">
					<?php include("news.php"); ?>

					<?php include("search.php"); ?>
<h1>Membres<small>Enligne</small></h1>

<?php include("online.php"); ?>
		</div>
		<!-- END LEFT COLUMN -->
		<div id="middle" >
			<div id="division_select">
			<?php include("groupes.php"); ?>
			</div>

			<h1>Bienvenue sur notre Site</h1>
			<!-- ENTER MAIN CONTENT HERE -->
			<!-- InstanceBeginEditable name="Main content1" -->
			<div class="content">
				<?
				/**
				 * Admin.php
				 *
				 * This is the Admin Center page. Only administrators
				 * are allowed to view this page. This page displays the
				 * database table of users and banned users. Admins can
				 * choose to delete specific users, delete inactive users,
				 * ban users, update user levels, etc.
				 *
				 * Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
				 * Last Updated: August 26, 2004
				 */
				include("../include/session.php");

				/**
				 * displayUsers - Displays the users database table in
				 * a nicely formatted html table.
				 */
				function displayUsers(){
				 						  global $database;
				  						 $q = "SELECT username,userlevel,email,timestamp "
				      					 ."FROM ".TBL_USERS." ORDER BY userlevel DESC,username";
				 					 	 $result = $database->query($q);
				  						 /* Error occurred, return given name by default */
				 					  	$num_rows = mysql_numrows($result);
				 					 	 if(!$result || ($num_rows < 0)){				     													 echo "Error displaying info";										 return;				   													  }
				   					 	if($num_rows == 0){											 echo "Database table empty";						return;											}
	   						/* Display table contents */
				   						echo "<table align=\"left\" border=\"1\" cellspacing=\"0\" cellpadding=\"3\">\n";					 echo "<tr><td><b>Username</b></td><td><b>Level</b></td><td><b>Email</b></td><td><b>Last Active</b></td></tr>\n";
				   					for($i=0; $i<$num_rows; $i++){				$uname  = mysql_result($result,$i,"username");
				      													$ulevel = mysql_result($result,$i,"userlevel")			      													$email  = mysql_result($result,$i,"email");
				      													$time   = mysql_result($result,$i,"timestamp");				      													echo "<tr><td>$uname</td><td>$ulevel</td><td>$email</td><td>$time</td></tr>\n";
				  														 }
				   						echo "</table><br>\n";
										}

				/**
				 * displayBannedUsers - Displays the banned users
				 * database table in a nicely formatted html table.
				 */
				function displayBannedUsers(){
				  								 global $database;					$q = "SELECT username,timestamp "
				     				 ."FROM ".TBL_BANNED_USERS." ORDER BY username";
				  							 $result = $database->query($q);
				   							/* Error occurred, return given name by default */
				   							$num_rows = mysql_numrows($result);
				   								if(!$result || ($num_rows < 0)){
				    													  echo "Error displaying info";
				     													 return;
															}
				  								 if($num_rows == 0){						 echo "Database table empty";
				    								 return;
												 }
				  								 /* Display table contents */
				   								echo "<table align=\"left\" border=\"1\" cellspacing=\"0\" cellpadding=\"3\">\n";
				  								 echo "<tr><td><b>Username</b></td><td><b>Time Banned</b></td></tr>\n";
				   								for($i=0; $i<$num_rows; $i++){
				      													$uname = mysql_result($result,$i,"username");												$time  = mysql_result($result,$i,"timestamp");		echo "<tr><td>$uname</td><td>$time</td></tr>\n";
				  											 }				   								echo "</table><br>\n";
												}
				/**
				 * User not an administrator, redirect to main page
				 * automatically.
				 */
				if(!$session->isAdmin()){
				   							header("Location:index.php");
										}
										else{
				/**
				 * Administrator is viewing page, so display all
				 * forms.
				 */
					?>
				<font size="4">Logged in as <b><? echo $session->username; ?></b></font><br><br>
				Back to [<a href="http://forums.x10hosting.com/programming-help/index.php">Main Page</a>]<br><br>
				<?
				if($form->num_errors > 0){
				   							echo "<font size=\"4\" color=\"#ff0000\">"
				       						."!*** Error with request, please fix</font><br><br>";
										}
				?>
				<table align="left" border="0" cellspacing="5" cellpadding="5">
				<tr><td>
				<?
				/**
				 * Display Users Table
				 */
				?>
				<h3>Users Table Contents:</h3>
				<?
				displayUsers();
				?>
				</td></tr>
				<tr>
				<td>
				<br>
				<?
				/**
				 * Update User Level
				 */
				?>
				<h3>Update User Level</h3>
				<? echo $form->error("upduser"); ?>
				<table>
				<form action="adminprocess.php" method="POST">
				<tr><td>
				Username:<br>
				<input type="text" name="upduser" maxlength="30" value="<? echo $form->value("upduser"); ?>">
				</td>
				<td>
				Level:<br>
				<select name="updlevel">
				<option value="1">1
				<option value="9">9
				</select>
				</td>
				<td>
				<br>
				<input type="hidden" name="subupdlevel" value="1">
				<input type="submit" value="Update Level">
				</td></tr>
				</form>
				</table>
				</td>
				</tr>
				<tr>
				<td><hr></td>
				</tr>
				<tr>
				<td>
				<?
				/**
				 * Delete User
				 */
				?>
				<h3>Delete User</h3>
				<? echo $form->error("deluser"); ?>
				<form action="adminprocess.php" method="POST">
				Username:<br>
				<input type="text" name="deluser" maxlength="30" value="<? echo $form->value("deluser"); ?>">
				<input type="hidden" name="subdeluser" value="1">
				<input type="submit" value="Delete User">
				</form>
				</td>
				</tr>
				<tr>
				<td><hr></td>
				</tr>
				<tr>
				<td>
				<?
				/**
				 * Delete Inactive Users
				 */
				?>
				<h3>Delete Inactive Users</h3>
				This will delete all users (not administrators), who have not logged in to the site<br>
				within a certain time period. You specify the days spent inactive.<br><br>
				<table>
				<form action="adminprocess.php" method="POST">
				<tr><td>
				Days:<br>
				<select name="inactdays">
				<option value="3">3
				<option value="7">7
				<option value="14">14
				<option value="30">30
				<option value="100">100
				<option value="365">365
				</select>
				</td>
				<td>
				<br>
				<input type="hidden" name="subdelinact" value="1">
				<input type="submit" value="Delete All Inactive">
				</td>
				</form>
				</table>
				</td>
				</tr>
				<tr>
				<td><hr></td>
				</tr>
				<tr>
				<td>
				<?
				/**
				 * Ban User
				 */
				?>
				<h3>Ban User</h3>
				<? echo $form->error("banuser"); ?>
				<form action="adminprocess.php" method="POST">
				Username:<br>
				<input type="text" name="banuser" maxlength="30" value="<? echo $form->value("banuser"); ?>">
				<input type="hidden" name="subbanuser" value="1">
				<input type="submit" value="Ban User">
				</form>
				</td>
				</tr>
				<tr>
				<td><hr></td>
				</tr>
				<tr><td>
				<?
				/**
				 * Display Banned Users Table
				 */
				?>
				<h3>Banned Users Table Contents:</h3>
				<?
				displayBannedUsers();
				?>
				</td></tr>
				<tr>
				<td><hr></td>
				</tr>
				<tr>
				<td>
				<?
				/**
				 * Delete Banned User
				 */
				?>
				<h3>Delete Banned User</h3>
				<? echo $form->error("delbanuser"); ?>
				<form action="adminprocess.php" method="POST">
				Username:<br>
				<input type="text" name="delbanuser" maxlength="30" value="<? echo $form->value("delbanuser"); ?>">
				<input type="hidden" name="subdelbanned" value="1">
				<input type="submit" value="Delete Banned User">
				</form>
				</td>
				</tr>
</table>
		    </div>

		<div class="side_column" id="right">
			<?php include("log.php"); ?>
			<h1>Web Designers<small>/ codeurs</small></h1>
			<div id="roster">
				<?php include("roster.php"); ?>

			</div>

		</div>

	</div>

	<div id="footer">
		<?php include("copyright.php"); ?>
	</div>
</div>
<!-- / main wrapper -->
</body>
<!-- InstanceEnd --></html>

I think its here:

Code:

if(!$session->isAdmin()){				   							header("Location:index.php");
										}
										else{
				/**
				 * Administrator is viewing page, so display all
				 * forms.
				 */
					?>

Thanks again for your help.

[Salvatos]

As far as I can see (although your indentation is not making it easy ^^ ), your else tag is not closed (that's why the end of PHP is not expected).

[xPlozion]

correct. when php complains about an unexpected $end, then that means that one of the if-else tags aren't properly closed. I believe that you have pinpointed the problem too. also, where $ulevel is, theres no semi-colon ( ; ) at the end, and it just runs right into $email. also, looking through the script, you should put

PHP Code:

<?php } ?>

after </table>

PHP Code:

for($i=0; $i<$num_rows; $i++){                $uname  = mysql_result($result,$i,"username");
                                                                          $ulevel = mysql_result($result,$i,"userlevel"); //add the semicolon as shown here                                                                      $email  = mysql_result($result,$i,"email");
                                                                          $time   = mysql_result($result,$i,"timestamp");                                                                          echo "<tr><td>$uname</td><td>$ulevel</td><td>$email</td><td>$time</td></tr>\n"; 


PHP Code:

                <h3>Delete Banned User</h3>
                <? echo $form->error("delbanuser"); ?>
                <form action="adminprocess.php" method="POST">
                Username:<br>
                <input type="text" name="delbanuser" maxlength="30" value="<? echo $form->value("delbanuser"); ?>">
                <input type="hidden" name="subdelbanned" value="1">
                <input type="submit" value="Delete Banned User">
                </form>
                </td>
                </tr>
</table>
<?php } ?> //add this.
            </div>

-xP ps, it's pronounced as explosion, but it's still spelled xPlozion ;)

[Aravinthan]

Thanks alot for your help, but I keep getting errors. ANd I am very sorry to bug you.....
error:
Fatal error: Cannot redeclare class MySQLDB in /home/ara/public_html/include/database.php on line 14
And here is the database code:

Code:

<?
/**
 * Database.php
 *
 * The Database class is meant to simplify the task of accessing
 * information from the websites database.
 *
 * Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
 * Last Updated: August 17, 2004
 */
include("constants.php");

class MySQLDB
{
   var $connection;         //The MySQL database connection
   var $num_active_users;   //Number of active users viewing site
   var $num_active_guests;  //Number of active guests viewing site
   var $num_members;        //Number of signed-up users
   /* Note: call getNumMembers() to access $num_members! */

   /* Class constructor */
   function MySQLDB(){
      /* Make connection to database */
      $this->connection = mysql_connect(DB_SERVER, DB_USER, DB_PASS) or die(mysql_error());
      mysql_select_db(DB_NAME, $this->connection) or die(mysql_error());

      /**
       * Only query database to find out number of members
       * when getNumMembers() is called for the first time,
       * until then, default value set.
       */
      $this->num_members = -1;

      if(TRACK_VISITORS){
         /* Calculate number of users at site */
         $this->calcNumActiveUsers();

         /* Calculate number of guests at site */
         $this->calcNumActiveGuests();
      }
   }

   /**
    * confirmUserPass - Checks whether or not the given
    * username is in the database, if so it checks if the
    * given password is the same password in the database
    * for that user. If the user doesn't exist or if the
    * passwords don't match up, it returns an error code
    * (1 or 2). On success it returns 0.
    */
   function confirmUserPass($username, $password){
      /* Add slashes if necessary (for query) */
      if(!get_magic_quotes_gpc()) {
	      $username = addslashes($username);
      }

      /* Verify that user is in database */
      $q = "SELECT password FROM ".TBL_USERS." WHERE username = '$username'";
      $result = mysql_query($q, $this->connection);
      if(!$result || (mysql_numrows($result) < 1)){
         return 1; //Indicates username failure
      }

      /* Retrieve password from result, strip slashes */
      $dbarray = mysql_fetch_array($result);
      $dbarray['password'] = stripslashes($dbarray['password']);
      $password = stripslashes($password);

      /* Validate that password is correct */
      if($password == $dbarray['password']){
         return 0; //Success! Username and password confirmed
      }
      else{
         return 2; //Indicates password failure
      }
   }

   /**
    * confirmUserID - Checks whether or not the given
    * username is in the database, if so it checks if the
    * given userid is the same userid in the database
    * for that user. If the user doesn't exist or if the
    * userids don't match up, it returns an error code
    * (1 or 2). On success it returns 0.
    */
   function confirmUserID($username, $userid){
      /* Add slashes if necessary (for query) */
      if(!get_magic_quotes_gpc()) {
	      $username = addslashes($username);
      }

      /* Verify that user is in database */
      $q = "SELECT userid FROM ".TBL_USERS." WHERE username = '$username'";
      $result = mysql_query($q, $this->connection);
      if(!$result || (mysql_numrows($result) < 1)){
         return 1; //Indicates username failure
      }

      /* Retrieve userid from result, strip slashes */
      $dbarray = mysql_fetch_array($result);
      $dbarray['userid'] = stripslashes($dbarray['userid']);
      $userid = stripslashes($userid);

      /* Validate that userid is correct */
      if($userid == $dbarray['userid']){
         return 0; //Success! Username and userid confirmed
      }
      else{
         return 2; //Indicates userid invalid
      }
   }

   /**
    * usernameTaken - Returns true if the username has
    * been taken by another user, false otherwise.
    */
   function usernameTaken($username){
      if(!get_magic_quotes_gpc()){
         $username = addslashes($username);
      }
      $q = "SELECT username FROM ".TBL_USERS." WHERE username = '$username'";
      $result = mysql_query($q, $this->connection);
      return (mysql_numrows($result) > 0);
   }

   /**
    * usernameBanned - Returns true if the username has
    * been banned by the administrator.
    */
   function usernameBanned($username){
      if(!get_magic_quotes_gpc()){
         $username = addslashes($username);
      }
      $q = "SELECT username FROM ".TBL_BANNED_USERS." WHERE username = '$username'";
      $result = mysql_query($q, $this->connection);
      return (mysql_numrows($result) > 0);
   }

   /**
    * addNewUser - Inserts the given (username, password, email)
    * info into the database. Appropriate user level is set.
    * Returns true on success, false otherwise.
    */
   function addNewUser($username, $password, $email){
      $time = time();
      /* If admin sign up, give admin user level */
      if(strcasecmp($username, ADMIN_NAME) == 0){
         $ulevel = ADMIN_LEVEL;
      }else{
         $ulevel = USER_LEVEL;
      }
      $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '0', $ulevel, '$email', $time)";
      return mysql_query($q, $this->connection);

A part of it, as the whole code is 2 long....
Thanks alot, oh and by the way did you get my 50 credits I gave you?