PHP - Selecting User Specific Information After Login

I am trying to make a filter to show posts from mutual friends between you and the persons profile you're on, I have somewhat of an idea on how to write the mysql query (it needs to be just one query, not two(which would be the easy way of doing it)).

the "friends" table has:
"friend_1" and "friend_2"

and the "posts" table:
"to_id" and "from_id"

The PHP variables would be:
"$session" and "$id"
id would be the users Id of the profile you're on.

Thanks, any help would be appreciated.

SELECT * FROM `booking_tbl` WHERE booking_status = 'Check In' AND departure_date_time = NOW()"

I use the datetime datatype for the departure_date_time so i can get data from that data because it checking the date and time   but i want it to check on the date from the datetime datatype   So how can i get the data only with that date without the time in the mysql datetime datatype

I would appreciate your assistance, there are tons of login scripts and they work just fine. However I need my operators to login and then list their activities for the other operators who are logged in to see and if desired send their clients on the desired activity. I have the login working like a charm and the activities are listed just beautifully. How do I combine the two tables in the MySQL with PHP so the operator Logged in can only make changes to his listing but see the others.

FIRST THE ONE script the member logges in here to the one table in MSQL:
<?php
   session_start();
   
   require_once('config.php');
   
   $errmsg_arr = array();
   
   $errflag = false;
   
   $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
   if(!$link) {
      die('Failed to connect to server: ' . mysql_error());
   }
   
   $db = mysql_select_db(DB_DATABASE);
   if(!$db) {
      die("Unable to select database");
   }
   
   function clean($str) {
      $str = @trim($str);
      if(get_magic_quotes_gpc()) {
         $str = stripslashes($str);
      }
      return mysql_real_escape_string($str);
   }
   
   $login = clean($_POST['login']);
   $password = clean($_POST['password']);
   
   if($login == '') {
      $errmsg_arr[] = 'Login ID missing';
      $errflag = true;
   }
   if($password == '') {
      $errmsg_arr[] = 'Password missing';
      $errflag = true;
   }
   
   if($errflag) {
      $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
      session_write_close();
      header("location: login-form.php");
      exit();
   }
   
   $qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'";
   $result=mysql_query($qry);
   
   if($result) {
      if(mysql_num_rows($result) == 1) {
         session_regenerate_id();
         $member = mysql_fetch_assoc($result);
         $_SESSION['SESS_MEMBER_ID'] = $member['member_id'];
         $_SESSION['SESS_FIRST_NAME'] = $member['firstname'];
         $_SESSION['SESS_LAST_NAME'] = $member['lastname'];
         session_write_close();
         header("location: member-index.php");
         exit();
      }else {
         header("location: login-failed.php");
         exit();
      }
   }else {
      die("Query failed");
   }
?>

................................................. ................................
Now I need the person who logged in to the table above to be able to make multiple entries to the table below

<?
$ID=$_POST['ID'];
$title=$_POST['title'];
$cost=$_POST['cost'];
$activity=$_POST['activity'];
$ayear=$_POST['aday'];
$aday=$_POST['ayear'];
$seats=$_POST['special'];
$special=$_POST['seats'];
mysql_connect("xxxxxx", "xxx350234427", "========") or die(mysql_error());
mysql_select_db("xxxx") or die(mysql_error());
mysql_query("INSERT INTO `activity` VALUES ('ID','$title', '$cost','$activity', '$aday', '$ayear', '$special', '$seats')");
Print "Your information has been successfully added to the database!"
?>
Click <a href="member-profile.php">HERE</a> to return to the main menu
  <?php      
?>

Alright, I've been assigned a project at work. I did not develop the application and the individual who did used CodeIgnited framework and mysql as the db.   Here's the problem, I'm not given much OT to do this and in our meeting the best way to proceed was to replicate the database for different parts of the organization. Basically we are a subsidiary and have been using an application that other groups within the organization want to use. Usually I would reconfigure the db schema and add org ids and in the user table add the appropriate organization to go to. However, they are not giving me enough time to do that.   So what I'm thinking is to just create a copy of the database we use (just the structure) and create a new database.   What I want to know is how to use mysql to check to see if a user exists in one database and if they don't then to go on to the next database. I understand this is a very sloppy way to do it, but it's the way we are moving forward.   I found the code to connect to the db in CodeIgnitor... how can I connect to a database, check to see if the user exists, then close that db connection and try the next database?  

    /**
     * Select the database
     *
     * @access    private called by the base class
     * @return    resource
     */
    function db_select()
    {
        return @mysql_select_db($this->database, $this->conn_id);
    }

  Thanks in advance.

I Have a protected members section on my site for staff. I would like it so that information specific to that member of staff would appear on their homepage straight after login. Just basic information that is stored on a MySQL database so they can login and check appointments and clients etc for the week etc.

is this something that is possible to do in PHP and MySQL? or am I going mad?

At the moment I have the entire table on the members homepage and the only way I've figured out to specify a member to only show one users information is to use - (SELECT * FROM Tutors WHERE name = 'XXX'. I don't like this method as it would mean i would have to have a separate files for each member. I was hoping I could do something along the lines of - WHERE name = ' relative to the login name used'. but I am sure I am flogging a dead horse here.

So many websites do this kind of thing and I'm surprised after scouring the net for hours and hours that I haven't found any useful information or tutorials on the subject. I am fairly new to programming in PHP and MySQL and am only just getting to grips with the lingo. Maybe I've just been seacrhing the wrong thing, I don't Know.

Any help at all would be amazing and much appreciated, a nudge in the right direction would be a start as I'm getting nowhere on my own

THANKS

Hi guys,

Can anyone assist me. I am trying to create a login for admin and user (if user not a member click register link) below is my code: But whenever I enter the value as: Username: admin Password:123 - I got an error message "That user does not exist!"

Any suggestion and help would be appreciated.
Thanks.

login.php

<?php 

//Assigned varibale $error_msg as empty

//$error_msg = "";

session_start();

$error_msg = "";

if (isset($_POST['submit'])) {

if ($a_username = "admin" && $a_password = "123") 

{

//Define $_POST from form text feilds

$username = $_POST['username'];

$password = $_POST['password'];

//Add some stripslashes

$username = stripslashes($username);

$password = stripslashes($password);

//Check if usernmae and password is good, if it is it will start session

if ($username == $a_username && $password == $a_password)

{

session_start();

$_SESSION['session_logged'] = 'true';

$_SESSION['session_username'] = $username;

//Redirect to admin page

header("Location: admin_area.php");

}

}

$username = (isset($_POST['username'])) ? $_POST['username'] : ''; 

$password = (isset($_POST['password'])) ? $_POST['password'] : ''; 

if($username && $password) {

$connect = mysql_connect("localhost", "root", "") or die ("Couldn't connect!");

mysql_select_db("friendsdb") or die ("Couldn't find the DB");

$query = mysql_query ("SELECT * FROM `user` WHERE username = '$username'");

$numrows = mysql_num_rows($query);

if ($numrows != 0){

while ($row = mysql_fetch_array($query)) {

$dbusername = $row['username'];

$dbpassword = $row['password'];

}

//Check to see if they are match!

if ($username == $dbusername && md5($password) == $dbpassword) {

header ("Location: user_area.php");

$_SESSION['username'] = $username;

}

else

$error_msg = "Incorrect password!";

//code of login

}else

$error_msg = "That user does not exist!";

//echo $numrows;

}

else

$error_msg = "Please enter a username and password!";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login Page</title>
</head>

<body>
<br />
<?php

require "header.php";
?><br />
<div align="center">
<table width="200" border="1">

<?php

// If $error_msg not equal to emtpy then display error message

if($error_msg!="") echo "<div id=\"error_message\"style=\"color:red; \">$error_msg</div><br />";?>

<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
<!--form action="login_a.php" method="post"-->

Username: <input type="text" name="username" /><br /><br />

Password: <input type="password" name="password"  /><br /><br />

<input type="submit" name = "submit" value="Log in"  />
</form> <p> </p>

Register a <a href="register.php">New User</a>
</table>
</div>
</body>
</html>

I was wondering if you could help me. I am currently trying to use the 'GET users/show' command in the Twitter API, however it is not working. Can anyone see where I am going wrong?

<?php include "library/twitteroauth.php"; ?>
<?php
$consumer = "key";
$consumersecret = "key";
$accesstoken = "key";
$accesstokensecret = "key";

$twitter = new TwitterOAuth($consumer, $consumersecret, $accesstoken, $accesstokensecret);
$tweets = $twitter->get('https://api.twitter.com/1.1/users/lookup.json?screen_name=twitterapi,twitter');

?>

<html>
    <head>
            <meta charset ="UTF-8" />
            <title>Twitter Search</title>       
    </head>
        <body>
            <form action="" method="post">
            <label>Search: <input type="text" name ="keyword"/>
            </form>
            <?php 
            if ( isset($_POST['keyword'])){
                $tweets = $twitter->get('https://api.twitter.com/1.1/users/lookup.json?screen_name='.$_POST['keyword']. '');
                foreach($tweets as $tweet){
                    foreach ($tweet as $t){
                        echo ($t->text);
                    }
                    }
                    }           

            ?>
        </body>
</html>

File name:loginch.php


<?
include ("session.php");
include ("Connection.php");
?>
<!doctype html public "-//w3c//dtd html 3.2//en">

<html>

<head>
<title>(Welcome)</title>
<meta name="GENERATOR" content="Arachnophilia 4.0">
<meta name="FORMATTER" content="Arachnophilia 4.0">
</head>

<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#800080" alink="#ff0000">

<?
$usr = $_POST['userid'];
$pass = $_POST['password'];

$usr=mysql_real_escape_string($usr);
$pass=mysql_real_escape_string($pass);

if($rec=mysql_fetch_array(mysql_query("SELECT * FROM signup WHERE userid='$usr' AND password = '$pass'"))){
   if(($rec['userid']==$usr)&&($rec['password']==$pass)){
    include ("newsession.php");
   
            echo "<p class=data> <center>Successfully,Logged in<br><br><a href='logout.php'> Log OUT </a><br><br><a href=welcome.php>Click here if your browser is not redirecting automatically or you don't want to wait.</a><br></center>";
     print "<script>";
       print " self.location='welcome.php';"; // Comment this line if you don't want to redirect
          print "</script>";

            } 
      }   
   else {

      session_unset();
echo "<font face='Verdana' size='2' color=red>Wrong Login. Use your correct  Userid and Password and Try <br><center><input type='button' value='Retry' onClick='history.go(-1)'></center>";
      
   }
?>


</body>

</html>

File Name:Front.htm

Code: [Select]
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Home Page</title>
<style type="text/css">
#dropDownMenu ul {
   padding: 5px;
   margin: 0px;
   text-decoration: none;
   list-style-type: none;
}
#dropDownMenu ul li {
   display: inline;
   width: 100px;
   float: left;
   text-transform: uppercase;
   font-size: large;
   padding: 0px 20px 0px 0px;
}


#dropDownMenu ul li a {
   color: #666666;
   text-decoration: none;
   line-height: 15px;
   font-size: medium;
}
#dropDownMenu ul li ul {
   visibility: hidden;
}
#dropDownMenu ul li ul li a {
   font-size: 0.70em;
   text-transform: uppercase;
}
.style1 {
   text-align: left;
}
.style2 {
   text-align: center;
}
.style3 {
   margin-left: 0px;
}
#apDiv1 {
   position:absolute;
   width:723px;
   height:93px;
   z-index:3;
   left: 124px;
   top: -11px;
}
body {
   background-color: #69F;
}
#apDiv2 {
   position:absolute;
   width:416px;
   height:182px;
   z-index:3;
   left: 314px;
   top: 318px;
}
</style>
</head>

<body>

<div style="position: absolute; width: 929px; height: 564px; z-index: 2; left: 158px; top: 36px" id="layer1">
  <div style="position: absolute; width: 193px; height: 90px; z-index: 4; left: 626px; top: 135px; bottom: 579px" id="layer3">
      <img src="th_ibm-logo.gif" width="219" height="88" /></div>
   <div style="position: absolute; width: 711px; height: 178px; z-index: 3; left: 100px; top: 79px" id="layer2"><img src="top_banner_corporate2.gif" width="769" height="203" class="style3" /></div>
  <div class="style2" id="apDiv1">
    <h1><em>WELCOME TO AZ GLOBALCTS</em></h1>
  </div>
  <div id="apDiv2">
    <form action='loginck.php' method=post>
    <table border='0' align=center cellpadding='0' cellspacing='0'>
    <tr id='cat'>
  <tr> <td bgcolor='#f1f1f1' ><font face='verdana, arial, helvetica' size='2' align='center'>  &nbsp;Login ID  &nbsp; &nbsp;
</font></td> <td bgcolor='#f1f1f1' align='center'><font face='verdana, arial, helvetica' size='2' >
<input type ='text' class='bginput' name='userid' ></font></td></tr>

<tr> <td bgcolor='#ffffff' ><font face='verdana, arial, helvetica' size='2' align='center'>  &nbsp;Password 
</font></td> <td bgcolor='#ffffff' align='center'><font face='verdana, arial, helvetica' size='2' >
<input type ='text' class='bginput' name='password' ></font></td></tr>

<tr> <td bgcolor='#f1f1f1' colspan='2' align='center'><font face='verdana, arial, helvetica' size='2' align='center'> 
<input type='submit' value='Submit'> <input type='reset' value='Reset'>
</font></td> </tr>


<tr> <td bgcolor='#ffffff' ><font face='verdana, arial, helvetica' size='2' align='center'> &nbsp;<a href='signup.php'>New Member Sign UP</a></font></td> <td bgcolor='#ffffff' align='center'><font face='verdana, arial, helvetica' size='2' ><a href=forgot-password.php>
Forgot Password</a> ?</font></td></tr>

<tr> <td bgcolor='#f1f1f1' colspan='2' align='center'><font face='verdana, arial, helvetica' size='2' align='center'>&nbsp; 
</font></td> </tr>


</table>
  </center>
    </form>
  </div>
</div>

</body>

</html>

Error:

Successfully,Logged in

Log OUT

Click here if your browser is not redirecting automatically or you don't want to wait.
"; print ""; } } else { session_unset(); echo "Wrong Login. Use your correct Userid and Password and Try
"; } ?>


Please help

Thanks in advanced

 i need to display the  fullname and email of the logged in user.

<?php
session_start();
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("db_register") or die(mysql_error());
$query = "SELECT` fullname`, `email` FROM `members` WHERE `username`='".$_SESSION['user']."' LIMIT 1";
if($doQuery = mysql_query($query)) {
    if(mysql_num_rows($doQuery)) {
      $user = mysql_fetch_assoc($doQuery);
      print_r($user);
    } else {
      echo 'No result returned for the query: '.$query;
    }
  } else {
    echo 'The following query failed: '.$query;
  }
$id = $user['id'];
$fullname = $user['fullname'];
$email = $user['email'];
}
?>
<br>
Fullname : <?php echo $fullname; ?>
<br>
Email : <? echo $email; ?>
?>


HELP please .

Hi, I want to update user information in the database but it doesn't do anything. No data entered upon form submission. Please anyone if you can help would be great. Thank you.

Code: [Select]
<?php
ini_set ("display_errors", "1");
error_reporting(E_ALL);
$host = "";//edited out
$database  = "";
$username  = "";
$password  = "";
 
$tbl_name   = "users";
$link = mysqli_connect($host, $username, $password);
$conn = mysql_connect($host, $username, $password) or die("Could not connect: " . mysql_error());
mysql_select_db($database);
 
session_start();
 
IF (isset($_SESSION['userid'])){
$userid=$_SESSION['userid'];
 echo $userid;
}

//$currentUser = $_SESSION['myusername']; 

//do some cleanup//
IF (isset($_POST['submit'])){

$first =  $_POST['first'];
$last = $_POST['last'];
$dob = $_POST['dob'];
$gender =  $_POST['gender'];
 
$country =  $_POST['country'];
$state =   $_POST['state'];
$town =   $_POST['town'];
$zip =  $_POST['zip'];
$email =  $_POST['email'];
 


$first = mysql_real_escape_string( '$first');
$last = mysql_real_escape_string(  '$last');
$dob = mysql_real_escape_string(  '$dob');
$gender = mysql_real_escape_string(  '$gender');
 
$country = mysql_real_escape_string(  '$country');
$state = mysql_real_escape_string(  '$state');
$town = mysql_real_escape_string(  '$town');
$zip = mysql_real_escape_string(  '$zip');
$email = mysql_real_escape_string(  '$email');
 
 
};
IF (isset($_SESSION['userid'])){
$userid=$_SESSION['userid'];
}
ELSE{
$getuserid=mysql_query ("SELECT id FROM users ORDER BY id DESC limit 1") or die(mysql_error());
WHILE ($gtuserid = mysql_fetch_array($getuserid)) {
$theuserid=$gtuserid['id'];
$userid=$theuserid;
$_SESSION['userid']=$theuserid;
$userid=$_SESSION['userid'];
}//$getuserid
}// IF ELSE (isset($_SESSION['userid']))
 

/////UPDATE SECTION///// 
IF (isset($_POST['submit'])){
mysql_query ( "UPDATE users SET firstname='$first', lastname='$last', dob = '$dob', gender='$gender',    country='$country', state='$state', town='$town', zip='$zip', email='$email'   WHERE id=$userid") or die(mysql_error());  
}//IF ($_POST['update']=="Update")


 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Connection</title>
<style type="text/css">
body {
font-family:Calibri;
font-size:1em;
}
.title {
font-size:1.6em;
font-weight:strong;
}
.links a{
font-size::1.2em;
text-decoration:none;
}
.links a:hover{
font-size::1.2em;
color:#0066FF;
text-decoration:none;
}
</style>
</head>
<body>
<p><span class="title">Add your personal information/span></p>
 
 <form action="thebeast.php" method="post">
    <p>
    <input type="text" name="first" size="20" id="first"  />
  First name<br />
    <input type="text" name="last" size="20"  id="name" />
    Last name<br />
    <input name="dob" type="text" size="20" id="dob"  ; } ?>
    Date of Birth<br />
    <input type="text" name="gender" size="20" id="gender"   />
  Gender <br />
  <input type="text" name="country" size="20" id="country"   />
  Country<br />
  <input type="text" name="state" size="20" id="state"   />
  State<br />
    <input type="text" name="town" size="20" id="town"  />
    Town<br />
    <input type="text" name="zip" size="20" id="zip"  />
Zip Code<br />
    <input type="text" name="email" size="40" id="email"   />
    Email<br />
    <br />
     
 
     
 
     
   <input type="submit" name="submit" value="Add your information" />
     
       
</form> 
 
 
 
 
 
</body>
</html>

Okay, so I have a database with user log on info, and unique ID's. How to I allow the user to save info from a form, and be able to log out and come back and log on to see/edit that info.


Thanks!

Hallo everybody, i have the following code. but i get allways this error while the user exist in the database. User not found! what do i do wrong?   thank you very much for your help Rafal

<html>
<head>
<?php
$connection = mysql_connect("db.xyz.com", "username", "password")
or die ("connection fehler");
mysql_select_db("db0123456789")
or die ("database fehler");
$email = $_POST["inp_email"];
$pwd = $_POST["inp_pwd"];
if($email && $pwd)
{
$chkuser = mysql_query("SELECT email FROM gbook WHERE email = '($email)' ");
$chkuserare = mysql_num_rows($chkuser);
echo $email;
echo $pwd;
if ($chkuserare !=0)
{
$chkpwd = mysql_query("SELECT pwd FROM gbook WHERE email = '($email)' ");
$pwddb = mysql_fetch_assoc($chkpwd);
if ($pwd != $pwddb["pwd"])
{
echo "password is wrong!";
}
else
{
echo "login successed";
}
}
else
{
echo "User not found!";
}
}
else
{
echo "Pleas enter your email and password!";
}
mysql_close($connection);
?>
</head>
<body>
<form action="login.php" method="post">
Email <input type="text" name="inp_email"><br>
Password <input type="text" name="inp_pwd"><br>
<input type="submit" name="submit" value="login">
</form>
</body>
</html>

Edited by rafal, 21 September 2014 - 04:33 PM.

Hallo everybody, the user is in the table, but i get error (user not found!).   thank you very much for your help Rafal

<!DOCTYPE html>
<html>
<head>
<title>index</title>
<meta http-EQUIV="CONTENT-LANGUAGE" content="en">
<?php
SESSION_START();
include("abc.php");
$link2 = mysqli_connect("$hoster", "$nameuser", "$password", "$basedata")
or die ("connection error" . mysqli_error($link2));
$email = $_POST["inp_email"];
$pwd = $_POST["inp_pwd"];
if($email && $pwd)
{
$chkuser = mysqli_query("SELECT email FROM $table2 WHERE email = '$email' ");
$chkuserare = mysqli_num_rows($chkuser);
if ($chkuserare !=0)
{
$chkpwd = mysqli_query("SELECT pwd FROM $table2 WHERE email = '$email'");
$pwddb = mysqli_fetch_assoc($chkpwd);
if (md5($pwd) != $pwddb["pwd"])
{
echo "Password is wrong!";
}
else
{
$_SESSION['username'] = $email;
header ('Location:list.php');
}
}
else
{
echo "user not found!";
}
}
else
{
echo "enter your Email and Password!";
}
mysqli_close($link2);
?>
</head>
<body style="font-family: arial;margin: 10; padding: 0" bgcolor="silver">
<font color="black">
<br>
<form action="index.php" method="post">
<b>Login</b><br><br>
<table width="100%">
<tr><td>
Email:<br><input type="text" name="inp_email" style="width:98%; padding: 4px;"><br>
Password:<br><input type="password" name="inp_pwd" style="width:98%; padding: 4px;"><br>
<br>
<input type="submit" name="submit" value="Login" style="width:100%; padding: 4px;">
</td></tr>
</table>
</form>
</font>
</body>
</html>

This topic has been moved to Application Design.

http://www.phpfreaks.com/forums/index.php?topic=347193.0