|
PHP - Retrieving Database Info Based On User Logged In
I have two tables.
Table Name:Users Fields: User_name user_email user_level pwd 2.Reference Fields: refid username origin destination user_name in the users table and the username field in reference fields are common fields. There is user order form.whenever an user places an order, refid field in reference table will be updated.So the user will be provided with an refid Steps: 1.User needs to log in with a valid user id and pwd 2.Once logged in, there will be search, where the user will input the refid which has been provided to him during the time of order placement. 3.Now User is able to view all the details for any refid 3.Up to this we have completed. Query: Now we need to retrieve the details based on the user logged in. For eg: user 'USER A' has been provided with the referenceid '1234' during the time of order placement user 'USER B' has been provided with the referenceid '2468' during the time of order placement When the userA login and enter the refid as '2468' he should not get any details.He should get details only for the reference ids which is assigned to him. Similar TutorialsI have two tables. Table Name:Users Fields: User_name user_email user_level pwd 2.Reference Fields: refid username origin destination user_name in the users table and the username field in reference fields are common fields. There is user order form.whenever an user places an order, refid field in reference table will be updated.So the user will be provided with an refid Steps: 1.User needs to log in with a valid user id and pwd 2.Once logged in, there will be search, where the user will input the refid which has been provided to him during the time of order placement. 3.Now User is able to view all the details for any refid 3.Up to this we have completed. Query: Now we need to retrieve the details based on the user logged in. For eg: user 'USER A' has been provided with the referenceid '1234' during the time of order placement user 'USER B' has been provided with the referenceid '2468' during the time of order placement When the userA login and enter the refid as '2468' he should not get any details.He should get details only for the reference ids which is assigned to him. Hi - how's it going? I've been working on something with no luck and I'm wondering if you have any ideas. I have two tables; Members and Events. When a member logs in they are redirected to a page where I want them to be able to see a list of events that they have created based on a user ID that is common in both tables. So if the member has a memberID of 123 I want them to see any events that have the userID of 123. I used two different column names just for clarity. I've tried a number of variations on the following code: <?php session_start(); header("Cache-control: private"); // Connect to Database include ('includes/db.php'); //Has login info // If not logged in if (!$_SESSION['pkMemberID']) { echo ("<div class='box'><h2>Sorry, you are not logged in!</h2>"); exit(); } // Convert Session variable 'pkMemberID' to simple variable. $memberID = $_SESSION['memberID']; $pkMemberID = $_SESSION['pkMemberID']; $name = $_SESSION['name']; //Query Events $sql = "SELECT * FROM events WHERE userID = $memberID"; $result = mysql_query($sql); $num_rows = mysql_num_rows($result); echo ("<div>Events:<br />"); // Event exists if (!($num_rows == 0)) { $myrow = mysql_fetch_array($result); do { printf ('<span>– <a href="event_edit.php?pkEventID=%s">%s</a></span><br />', $myrow['pkEventID'], $myrow['eventName']); } while ($myrow = mysql_fetch_array($result)); } echo ("</div>"); //End Events //end page ?> Sometimes I get errors, sometimes just nothing. Any advice would be appreciated. Hi, All: I'm trying to figure out what way it's the best way to pull info belonging to a specific user based on whether he's a logged-in "member", and want to make sure he's not able to access any other member's details... would the best way be to try to match the user's "username" stored in a $_SESSION when fetching his info, something like this: Code: [Select] <?php // Assume the login combo is this: $username = $_POST['username']; $password = $_POST['password']; // Assume he has already logged in: $_SESSION['username'] = $username; //EXAMPLE 1: SELECTING user info simply from actual DB username/password match: if ($_SESSION['username']) { $userRecords = mysql_query("SELECT * FROM users WHERE username = '$username' AND password = '$password'"); $userInfo = mysql_fetch_array($userRecords); echo $userInfo['id'] . $userInfo['username'] . $userInfo['first-name'] . $userInfo['last-name'] . $userInfo['date-register']; } // EXAMPLE 2: or SELECTING user info based on $_SESSION['username'] value: if ($_SESSION['username']) { $userRecords = mysql_query("SELECT * FROM users WHERE username = . $_SESSION['username'] . AND password = '$password'"); $userInfo = mysql_fetch_array($userRecords); echo $userInfo['id'] . $userInfo['username'] . $userInfo['first-name'] . $userInfo['last-name'] . $userInfo['date-register']; } ?> So, my question is, are this actually working differently? is one better than the other as far as security, preventing other users from hacking either on purpose or accidenally into other user's details? thank! Appreciate any feedback... Im trying to create a website where users login, and then when they add a new entry to the database there name is put as the author. This is how my tables are set up. One table is named job and has the columns id, jobtext, jobdate, and authorid. Another table is called author. This table contains the columns id, username, password, and name. Authorid from the job table matches with id from the author table. When a user logins in this code is used to register the name...session_start(); $_SESSION['myusername'] = $_POST['myusername']; $_SESSION['mypassword'] = $_POST['mypassword']; header("location: index.php"); } else { echo "Wrong Username or Password"; } This is the form users use to add a new entry... if (isset($_GET['add'])) { $pagetitle = 'New Job'; $action = 'addform'; $text = ''; $authorid = ''; $id = ''; $button = 'Add job'; include $_SERVER['DOCUMENT_ROOT'] . '/jobs/includes/db.inc.php'; // Build the list of authors $sql = "SELECT id, name FROM author"; $result = mysqli_query($link, $sql); if (!$result) { $error = 'Error fetching list of authors.'; include 'error.html.php'; exit(); } while ($row = mysqli_fetch_array($result)) { $authors[] = array('id' => $row['id'], 'name' => $row['name']); } // Build the list of categories $sql = "SELECT id, name FROM category"; $result = mysqli_query($link, $sql); if (!$result) { $error = 'Error fetching list of categories.'; include 'error.html.php'; exit(); } while ($row = mysqli_fetch_array($result)) { $categories[] = array( 'id' => $row['id'], 'name' => $row['name'], 'selected' => FALSE); } include 'form.html.php'; exit(); } if (isset($_GET['addform'])) { include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; $text = mysqli_real_escape_string($link, $_POST['text']); $author = mysqli_real_escape_string($link, $_POST['author']); if ($author == '') { $error = 'You must choose an author for this job. Click ‘back’ and try again.'; include 'error.html.php'; exit(); } $sql = "INSERT INTO job SET jobtext='$text', jobdate=CURDATE(), authorid='$author'"; if (!mysqli_query($link, $sql)) { $error = 'Error adding submitted job.'; include 'error.html.php'; exit(); } $jobid = mysqli_insert_id($link); if (isset($_POST['categories'])) { foreach ($_POST['categories'] as $category) { $categoryid = mysqli_real_escape_string($link, $category); $sql = "INSERT INTO jobcategory SET jobid='$jobid', categoryid='$categoryid'"; if (!mysqli_query($link, $sql)) { $error = 'Error inserting job into selected category.'; include 'error.html.php'; exit(); } } } header('Location: .'); exit(); } Form.html.php = <?php include_once $_SERVER['DOCUMENT_ROOT'] . '/includes/helpers.inc.php'; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title><?php htmlout($pagetitle); ?></title> <meta http-equiv="content-type" content="text/html; charset=utf-8"/> <style type="text/css"> textarea { display: block; width: 100%; } </style> </head> <body> <?php session_start(); ?> <h1><?php htmlout($pagetitle); ?></h1> <form action="?<?php htmlout($action); ?>" method="post"> <div> <label for="text">Type your job he </label> <textarea id="text" name="text" rows="3" cols="40"><?php htmlout($text); ?></textarea> </div> <div> <label for="author">Author:</label> <select name="author" id="author"> <option value="">Select one</option> <?php foreach ($authors as $author):?> <option value="<?php htmlout($author['id']); ?>"<?php if ($author['id'] == $authorid) echo ' selected="selected"'; ?>><?php htmlout($author['name']); ?></option> <?php endforeach; ?> </select> </div> <fieldset> <legend>Categories:</legend> <?php foreach ($categories as $category): ?> <div><label for="category<?php htmlout($category['id']); ?>"><input type="checkbox" name="categories[]" id="category<?php htmlout($category['id']); ?>" value="<?php htmlout($category['id']); ?>"<?php if ($category['selected']) { echo ' checked="checked"'; } ?>/><?php htmlout($category['name']); ?></label></div> <?php endforeach; ?> </fieldset> <div> <input type="hidden" name="id" value="<?php htmlout($id); ?>"/> <input type="submit" value="<?php htmlout($button); ?>"/> </div> </form> </body> </html> Right now, under authors, it displays all the authors in the database. I want it to just show/submit the authorid of the logged in user. I have two tables. Table Name:Users Fields: User_name user_email user_level pwd 2.Reference Fields: refid username origin destination user_name in the users table and the username field in reference fields are common fields. There is user order form.whenever an user places an order, refid field in reference table will be updated.So the user will be provided with an refid Steps: 1.User needs to log in with a valid user id and pwd 2.Once logged in, there will be search, where the user will input the refid which has been provided to him during the time of order placement. 3.Now User is able to view all the details for any refid 3.Up to this we have completed. Query: Now we need to retrieve the details based on the user logged in. For eg: user 'USER A' has been provided with the referenceid '1234' during the time of order placement user 'USER B' has been provided with the referenceid '2468' during the time of order placement When the userA login and enter the refid as '2468' he should not get any details.He should get details only for the reference ids which is assigned to him. <?php session_start(); if (!$_SESSION["user_name"]) { // User not logged in, redirect to login page Header("Location: login.php"); } $con = mysql_connect('localhost','root',''); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("login", $con); $user_name = $_POST['user_name']; $refid = $_POST['refid']; $query = "SELECT * from reference,users WHERE reference.username=users.user_name AND reference.refid='$refid' AND "; $result = mysql_query($query) or trigger_error('MySQL encountered a problem<br />Error: ' . mysql_error() . '<br />Query: ' . $query); while($row = mysql_fetch_array($result)) { echo $row['refid']; echo $row['origin']; echo $row['dest']; echo $row['date']; echo $row['exdate']; echo $row['username']; } echo "<p><a href=\"logout.php\">Click here to logout!</a></p>"; ?> <html> <form method="post" action="final.php"> Ref Id:<input type="text" name="refid"> <input type="submit" value="submit" name="submit"> </html> In my script, users login with their Username & Password. However, I'd like to be able to echo the email address used on their account.
I've tried adding the email to the session I'm not having much luck... Here's a piece of the login code(untouched);
$username = $_POST['name'];
$passwd = $_POST['passwd'];
$query = "SELECT name,passwd FROM users WHERE CONCAT('0x', hex(passwd)) = '{$salt}'";
$result = mysql_query($query);
$login_ok = false;
if(mysql_num_rows($result) > 0) {
$login_ok = true;
}
if($login_ok)
{
$row = mysql_fetch_array($result, MYSQL_NUM);
$_SESSION['user'] = $row;
I've also tried messing around with this piece below in a few different ways but still nothing.
<?php echo htmlentities($_SESSION['user']['email'], ENT_QUOTES, 'UTF-8'); ?>Any help is greatly appreciated.. ok im back quicker than i thought.... i got my drop box sorted and i got it reloading the page. so it all works correctly. but how do i get the page to display information regarding the film i have selected in the drop box.? i have no code for this at the mo. also i would like the drop box to display the selected item at top of box when it refreshes code for drop box: Code: [Select] <FORM> <?php $result = mysql_query( "SELECT * FROM movie_info ORDER BY title ASC ") ; echo "<select name= Film onChange='submit()' >film name</option>"; while ($nt=mysql_fetch_array($result)){ ?> <?php echo "<option value='$nt[id]'>$nt[title] </option>"; } ?> </select> </FORM> any help would be great Hello, I have a few questions. First, this is what I am trying to accomplish - I am trying to take values that are entered into forms. And then store them into a database. My plan was to take them into an array, and create a loop that wrote the values to the database. So, the first step I thought would be to learn how to take info from a form, then display it onto the screen. Theoretically, if I could do that, I could just learn the MySQL commands to write to the database, and paste them instead of printing to the screen. So, I gave it a go. It didn't work. The way the 'Key' is chosen with arrays in PHP was different than I thought. I gave my sample code to a friend and asked for his help. He gave me a working copy back, but signed off before I could ask questions This is what I am working with: Code: [Select] <html> <body> <form name = "barInfo" method = "post"> Establishment name: <input type = "text" name = "EstablishmentName"> <br> Street Address: <input type = "text" name = "StreetAddress"> <br> City: <input type = "text" name = "City"> <br> State: <input type = "text" name = "State"> <br> Zip: <input type = "text" name = "Zip"> <br> <input type="submit" name="Submit" value="Submit"> </form> <?php if (!empty($_POST['EstablishmentName'])) { <br> print "Now, lets see if this shit works..."; <br> print "Establishment Name:" . $_POST['EstablishmentName']; <br> print "Street Address:" . $_POST['StreetAddress']; <br> print "City:" . $_POST['City']; <br> print "State:" . $_POST['State']; <br> print "Zip:" . $_POST['Zip']; <br> } ?> </body> </html> Ok, first off I get a parse error or something like that when I try it. My book has '<br>' thrown all over the place inside '<?php>' things. How can I do an endl; type thing in PHP? Obv <br> does not work., Code: [Select] print "\n";Does nothing, either....? Second, the reason my code didn't display anything, but his did, was because I had a loop that displayed $details[$x], and 1 was added to $x every time it looped. Am I right in saying that during the html part of the code, whatever value is assigned to 'name = ', is the key pointing to that value in my array? If that is true, how would I make that become an integer and use it with a loop. Do I have to put: Code: [Select] name = "1", name = "2", etc...? Thanks in advance for the help! Sorry if I am not referring to terms correctly, I just started looking at HTML/PHP last week... Hello, i've got some shop script which has 2 payment modules which i'd like to use for something else, the payment modules only work if the user is logged in though, i tried to make them standalone scripts but that didn't work out too well. So now i decided to go another way and just let everyone have the same session so everyone will be using the same username&password automatically. the index file looks like this: Code: [Select] <?php include('./inc/config.php'); include('./inc/functions.php'); include('./lang/'.$language.'.lng'); $id = addslashes($_REQUEST["id"]); $user = addslashes($_REQUEST["username"]); $pass = addslashes($_REQUEST["password"]); $language = strtolower($language); if(empty($id)) $id =1; $file = mysql_query('SELECT * FROM navi_'.$language.' WHERE id="'.$id.'"'); if(mysql_num_rows($file)>0) $file = mysql_fetch_array($file); else $file = mysql_fetch_array(mysql_query('SELECT * FROM navi_'.$language.' WHERE id="404"')); if(!empty($user) AND !empty($pass)) {$query = mysql_query('SELECT * FROM users WHERE username="'.$user.'" AND pass="'.md6($pass).'"'); if(mysql_num_rows($query) == 1) {$_SESSION[$session_prefix."user"] = ucfirst($user); echo'<meta http-equiv="refresh" content="0; url=index.php?id=8">';} else $error = 'Username oder Passwort ist falsch.';} include('./designe/'.$designe.'/head.tpl'); include('./designe/'.$designe.'/navi.php'); include('./designe/'.$designe.'/middle.tpl'); if(file_exists('./pages/'.$file["file"])) {echo'<h1>'.ucfirst($file["title"]).'</h1>'; include('./pages/'.$file["file"]);} if(!empty($error)) echo '<font color="red">'.$error.'</font>'; include('./designe/'.$designe.'/foot.tpl'); ?> Now i tried alot of things including adding: Code: [Select] session_start(); $_SESSION["username"] = "peter"; $_SESSION["user"] = "peter"; $_SESSION["id"] = "1"; $_SESSION["pass"] = "peter"; $_SESSION["password"] = "peter"; or Code: [Select] $id = "1"; $user = "peter"; $username = "peter"; $pass = "peter"; $password = "peter"; also a combination of both, nothing works, but i don't understand why ? Any help is appreciated. /Edit, i tried adding it to the paymentmodule .php aswell, but no luck. This is for band website for its event listings. The main event page list everything fine, but once selecting the "Details" link which activates the switch event. Its no longer showing anything. When I had one event in the data base it worked fine, but now I have 3 events in the database and now its not working. Page can be viewed he http://184.66.66.169/ffy/event.php Code: [Select] <?php //Event Code Here $eventid = (isset($_GET["id"])) ? intval($_GET["id"]) : 0; switch($_GET["list"]=='true') { case "0": if($_GET["id"]== $eventid) { $result = mysql_query("SELECT * FROM event ORDER by eventdate DESC"); if (!$result) { die("query failed: " . msql_error()); } while ($row = mysql_fetch_array($result)) { list($id, $eventdate, $header, $description, $image, $location) = $row; $description = nl2br($description); $eventdate = date("M j, Y",strtotime("$eventdate")); print(' <table width="680" border="0" cellpadding="14" cellspacing="0"> <tr> <td> <div class="myFont"><font size="+1" color="#4e8baf">'.$eventdate.' - </font><font size="+1"><b>'.$header.'</b></font></div> <font size="-2" color="#CCCCCC"><a href="event.php?list=true&eventid='.$id.'">Details</a></font><br /> <hr color="#FFFFFF" width="100" align="left" size="1"> </td> </tr> </table> '); }} break; case "true": if($_GET["id"]==$eventid) { $resultd = mysql_query("SELECT * FROM event WHERE id=$eventid LIMIT 1"); if (!$resultd) { die("query failed: " . msql_error()); } while ($row = mysql_fetch_array($resultd)) { list($id, $eventdate, $header, $description, $image, $location) = $row; $description = nl2br($description); $eventdate = date("M j, Y",strtotime("$eventdate")); print(' <table width="680" border="0" cellpadding="14" cellspacing="0"> <tr> <td> <div class="myFont"><font size="+1" color="#4e8baf">'.$eventdate.' - </font><font size="+1"><b>'.$header.'</b></font></div> '.$description.'<br /> <hr color="#FFFFFF" width="100" align="left" size="1"> <center> '.$location.' </center> </td> </tr> </table> '); } break; }} ?> Hello all, This has probably been asked before but I couldn't find through search. And I'm pretty sure is not possible, but... Is there a way of displaying the windows logged on user? or get the name of the compter? as I know I can get the ip address. The reason I ask. Each user has their own network account but on occasion we need to log on a user as a generic account we have. And I want to check if it's this user accessing the page so different options etc can be displayed. I could use the computer name to check this as we log all activity. I could then query the log using the comp name to find logged on user. Unfortunately the log does not hold ip, which would seem obvious but it doesn't Many Thanks Hi there,
I've been searching the internet for the best way to check if the user has been logged in. Some codes have security breaches. So I'm not sure where to start.
Here's what I've come up with:
The user logs in and is checked whether he/she is a valid user, if not return false and if true carry on and create session, I read the post that Jacques1 made about session feedback and implemented what he said. After that the session variables are assigned and then the user id, session_id and a unique identifier to check against on each page load are inserted into a database and then the user is logged in.
Here's my code: (please note this is in a class and only shows the login function)
function Login($username, $password)
{
try
{
$db = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME.";charset=utf8", DB_USERNAME, DB_PASSWORD);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
}
catch(PDOException $ex)
{
echo "Unable to connect to DB";
error_log($ex->getMessage());
}
try
{
$User_Info = $db->prepare("SELECT * FROM users WHERE username=:username");
$User_Info->bindValue(":username", $username, PDO::PARAM_STR);
$User_Info->execute();
$Info = $User_Info->fetchAll(PDO::FETCH_ASSOC);
$salt = $Info['salt'];
$password = $salt . $password;
$password = $this->CreateHash($password);
$unique_key = $this->GenerateRandom();
$unique_key = $this->CreateHash($unique_key);
$Check_User = $db->prepare("SELECT * FROM users WHERE username=:username AND password=:password");
$Check_User->bindValue(":username", $username, PDO::PARAM_STR);
$Check_User->bindValue(":password", $password, PDO::PARAM_STR);
$Check_User->execute();
if($Check_User->rowCount() > 0)
{
while($row = $Check_User->fetchAll(PDO::FETCH_ASSOC))
{
session_destroy();
session_start();
$_SESSION = array();
session_regenerate_id(true);
$_SESSION['username'] = $row['username'];
$session_id = session_id();
$user_id = $row['id'];
$Check_Logged_In = $db->prepare("DELETE FROM logged_in_users WHERE user_id=:userid");
$Check_Logged_In->bindValue(":user_id", $user_id, PDO::PARAM_STR);
$Check_Logged_In->execute();
$has_changed = $Check_Logged_In->rowCount();
if($has_changed > 0)
{
$Logged_In = $db->prepare("INSERT INTO logged_in_users (id, user_id, session_id, unique_key) VALUES (NULL, :user_id, :session_id, :unique_key)");
$Logged_In->bindValue(":user_id", $user_id, PDO::PARAM_STR);
$Logged_In->bindValue(":session_id", $session_id, PDO::PARAM_STR);
$Logged_In->bindValue(":unique_key", $unique_key, PDO::PARAM_STR);
$Logged_In->execute();
$affected_rows = $Logged_In->rowCount();
if($affected_rows > 0)
{
return true;
}
}
return false;
}
}
return false;
}
catch(PDOException $ex)
{
echo "Unable to complete query";
error_log($ex->getMessage());
}
}
Thanks
In the site I am making, the client wants one account for everyone (don't ask me why, it's a long, silly reason) And I'm wondering how I would configure mySQL to deal with that (I asked this in the mySQL area) and in PHP (For you guys ) what would I need to put in order for this to work. I'm very new with PHP and mySQL, so please forgive the nooby question. *EDIT* the admins have their own username and psw for adding, deleting, and editing articles. and that works. But all users that register will have this set user and psw displayed to them. I want to make it so they have to log in to see an article. Hi, I want have this code (below), how would I check if a user is logged in? I want to make it so they can only see 500 chars, or the full thing if they're logged in. Thanks! Code: [Select] public function __construct( $data=array() ) { if ( isset( $data['id'] ) ) $this->id = (int) $data['id']; if ( isset( $data['publicationDate'] ) ) $this->publicationDate = (int) $data['publicationDate']; if ( isset( $data['title'] ) ) $this->title = preg_replace ( "/[^\.\,\-\_\'\"\@\?\!\:\$ a-zA-Z0-9()]/", "", $data['title'] ); if ( isset( $data['summary'] ) ) $this->summary = preg_replace ( "/[^\.\,\-\_\'\"\@\?\!\:\$ a-zA-Z0-9()]/", "", $data['summary'] ); if ( isset( $data['content'] ) ) $this->content = $data['content']; if ( isset( $data['tags'] ) ) $this->tags = $data['tags']; } How do I get the current logged in username or id using the Twitter API? Hi, I'm trying to display a user review system allowing user's to vote. This works fine, but I'm trying to user php to only display the rating system if the user is logged in and display alternate text if they are not. I am getting the following error: Parse error: syntax error, unexpected T_ELSE in XXXXXX on line 182 Here's the code: Code: [Select] <?php if ($_SESSION['username']){ $query = mysql_query("SELECT * FROM locations WHERE name = '$location'"); while($row = mysql_fetch_array($query)) { $rating = (int)$row[rating] ?> <div class="floatleft"> <div id="rating_<?php echo $row[id]; ?>"> <span class="star_1"><img src="fivestars/star_blank.png" alt="" <?php if($rating > 0) { echo"class='hover'"; } ?> /></span> <span class="star_2"><img src="fivestars/star_blank.png" alt="" <?php if($rating > 1.5) { echo"class='hover'"; } ?> /></span> <span class="star_3"><img src="fivestars/star_blank.png" alt="" <?php if($rating > 2.5) { echo"class='hover'"; } ?> /></span> <span class="star_4"><img src="fivestars/star_blank.png" alt="" <?php if($rating > 3.5) { echo"class='hover'"; } ?> /></span> <span class="star_5"><img src="fivestars/star_blank.png" alt="" <?php if($rating > 4.5) { echo"class='hover'"; } ?> /></span> </div> </div> <div class="star_rating"> (Rated <strong><?php echo $rating; ?></strong> Stars) </div> <div class="clearleft"> </div> } } <?php else { echo "Log in to review"; } ?> Thanks in advance for any help. I'm sure it's something trivial but I can't see it! I want to show data for logged in user, i am using sessions to login. This is the code i already have: // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //this selects everything for the current user, ready to be used in the script below $result = mysql_query("SELECT id, points, ingame_points, ingame_money, ingame_items FROM members; WHERE username = $_SESSION['myusername']"); //this function will take the above query and create an array while($row = mysql_fetch_array($result)) { //with the array created above, I can create variables (left) with the outputted array (right) $points = $row['points']; $id = $row['id']; $ingame_points = $row['ingame_points']; $ingame_money = $row['ingame_money']; $ingame_items = $row['ingame_items']; } Help ? $sql = "SELECT id,username, date1, date2, total FROM datetable WHERE username = '".$_SESSION['uid']['username'] ."'"; Hello again, I ran into problem when trying to pull information for logged in user. I'm trying to display results for current user only who is signed in. Now I do have session_start(); and my query works if I replace '".$_SESSION['uid']['username'] ."'"; with 'specificusername' but when I run my current query displayed above it returns me all records with username = empty (I have some empty usernames for testing reasons). So that tells me that query cant find unique user name that is logged in. I don't get any errors and query still goes through. My datetable structure is
My uid is defined in another document like so and uses another table called "users"
session_start();
$_SESSION['id'] = $row['idUsers'];
$_SESSION['uid'] = $row['uidUsers'];
$_SESSION['email'] = $row['emailUsers'];
header("Location: ../member.php?login=success");
exit();
This query works on another page where it displays logged in username in html document. <?php echo $_SESSION['uid']; ?>
I have tried many different ways yesterday to modify my request ( WHERE username = $_SESSION['uid']; WHERE username = '".$_SESSION["uid"]) many other variations, but no matter what never returns logged in user information only empty username records. Can anyone see a problem with that query? or is it due to something else I'm missing?
Sorry, maybe this goes in MySQL thread not here in PHP page. If someone can, please move it. Thanks. Edited April 25, 2020 by sfia comment on where to post this topic Hi Guys, Just a quick introduction I am NOT a student I am a IT Technician in a School in the South of the United Kingdom. I am trying to write a PHP Script with a Function that Checks if the user is logged in, if the user is logged in then it shows the user the content on the page but if they are not logged in then to show a blank page with a link to the Login Page. I need it to be simple. I just want it to check if a useer is logged in but if there not only show some content on a page. Can anyone help? My Users login into a php Session. Thanks for any help you can offer. Best Regards Thomas i need to display the fullname and email of the logged in user. <?php session_start(); mysql_connect("localhost", "root", "") or die(mysql_error()); mysql_select_db("db_register") or die(mysql_error()); $query = "SELECT` fullname`, `email` FROM `members` WHERE `username`='".$_SESSION['user']."' LIMIT 1"; if($doQuery = mysql_query($query)) { if(mysql_num_rows($doQuery)) { $user = mysql_fetch_assoc($doQuery); print_r($user); } else { echo 'No result returned for the query: '.$query; } } else { echo 'The following query failed: '.$query; } $id = $user['id']; $fullname = $user['fullname']; $email = $user['email']; } ?> <br> Fullname : <?php echo $fullname; ?> <br> Email : <? echo $email; ?> ?> HELP please . |
|||||||