|
PHP - Insert And Session
Just want to know if it is possible to do something like this? If so, how?
Code: [Select] $qry = "SELECT * FROM users WHERE password='$password' AND username='$_SESSION['SESS_USER_NAME']'"; Similar TutorialsIm trying to insert a name into my database but I need it to go into the column that matches the sessions user id Code: [Select] "INSERT INTO users SET name = '".$_POST['name']."'"; how do I tell it to put name into name column with id matching Session id. really appreicate if someone could please help me with this. $result = mysqli_query($con,"SELECT * FROM $_SESSION['datakey']"; Came a long way with the code since Friday and have another issue.
I can echo the session username on my pages but not into the insert command to the database. I need this so when a user logs in only their data will be seen. Here is the code pages.
Here is the page code this does echo the username
Logged in as <?php echo "$username"; ?>
<?php
// Start session
session_start() ;
$username = $_SESSION['username'];
// Include required functions file
require_once('include/db/functions.inc.php') ;
// Check login status ... if not logged in, redirect to login screen
if (check_login_status() == false) {
redirect('login.php') ;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Add A New Tank(WAD)</title>
<style type="text/css"></style>
</head>
<body>
<p align="center"><a href="../test/index.php">Home</a> | <a href="../test/register.php">Register</a> | <a href="../test/login.php">Login</a> | <a href="../test/tank.php">Add Tank</a> | <a href="../test/fish.php">Add Fish</a> | <a href="../test/plants.php">Add Plants</a> | <a href="../test/water-test.php">Add Water Test</a> | <a href="../test/include/login/logout.inc.php">Logout</a></p></p>
<p>Logged in as <?php
echo "$username";
?> </p>
<table width="810" border="2" align="center">
<tr>
<td>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="center" bgcolor="#FFFFFF" scope="col"><h2><b>Your Tanks(WAD)</b></h2></td>
</tr>
<form action="/test/include/tank/tank.inc.php" method="post" name="tank" id="tank">
<table border="2" align="center" cellpadding="0">
<tr>
<td><div align="left"><b>Tank Name: </b> </div></td>
<td><div align="left">
<input type="text" name="tankname" size="25" />
</div></td>
</tr>
<tr>
<td><div align="left"><b>Date Filled With Water: </b> </div></td>
<td><div align="left">
<input type="text" name="date" size="25" />
</div></td>
</tr>
<tr>
<td><div align="left"><b>Length: </b> </div></td>
<td><div align="left">
<input type="text" name="length" size="25" />
</div></td>
</tr>
<tr>
<td><div align="left"><b>Depth: </b> </div></td>
<td><div align="left">
<input type="text" name="depth" size="25" />
</div></td>
</tr>
<tr>
<td><div align="left"><b>Height: </b> </div></td>
<td><div align="left">
<input type="text" name="height" size="25" />
</div></td>
</tr>
<tr>
<td><div align="left"><b>Volume: </b> </div></td>
<td><div align="left">
<input type="text" name="volume" size="25" />
</div></td>
</tr>
<tr>
<td><div align="left"><b>Type of Tank: </b> </div></td>
<td><div align="left">
<input type="text" name="type" size="25" />
</div></td>
</tr>
<tr>
<td></div></td></tr>
<tr>
<td><div align="left"><b>Notes: </b> </div></td>
<td><div align="left">
<p>
<textarea name="notes" cols="50" rows="10"></textarea>
</p>
</div></td>
</tr>
<tr>
<th colspan="2"><p>
<input type="submit" value="Add New Tank" />
</p></th>
</tr>
</table>
</form>
<tr>
<td align="center" valign="top" bgcolor="#FFFFFF"><div align="center"><font size="2"> © 2014 <a href="http://www.pctechtime.com">PC TECH TIME</a> </font> </div></td>
</tr>
</table>
<tr>
<td></td></td></tr>
<tr>
<td></tr></td></tr>
</table>
</body>
</html>
This is tank.inc.php which works except for the username being inserted into the database. I did try removing the mysqli_close($con); but that didn't help. I did have it working when I removed the mysqli_close($con); but then I logged out and then back in and it stopped?
<?php
include_once "../../../test/include/db/db.inc.php";
// escape data and set variables
$tankname = mysqli_real_escape_string($con, $_POST['tankname']);
$date = mysqli_real_escape_string($con, $_POST['date']);
$length = mysqli_real_escape_string($con, $_POST['length']);
$depth = mysqli_real_escape_string($con, $_POST['depth']);
$height = mysqli_real_escape_string($con, $_POST['height']);
$volume = mysqli_real_escape_string($con, $_POST['volume']);
$type = mysqli_real_escape_string($con, $_POST['type']);
$notes = mysqli_real_escape_string($con, $_POST['notes']);
$username = $_SESSION['username'];
// # setup SQL statement
$sql="INSERT INTO tank (tankname, username, date, length, depth, height, volume, type, notes)
VALUES ('$tankname', '$username', '$date', '$length', '$depth', '$height', '$volume', '$type', '$notes')";
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
echo 'New Tank Added ';
mysqli_close($con);
?>
in this page http://maximaart.com/newscp/ i have this problem Code: [Select] Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/maximasy/public_html/newscp/index.php:1) in /home/maximasy/public_html/newscp/index.php on line 2 my source code is <?php session_start(); include_once("config.php"); include_once("functions.php"); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { if ($_POST['txtUserId'] === "$user" && $_POST['txtPassword'] === "$pass") { // the user id and password match, $_SESSION['basic_is_logged_in'] = true; require("main.php"); exit;?> I am trying to create an index page which contains registration and login field the problem that i get is on successful login a warning is displayed session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\Eventz.com\index.php:116) in C:\xampp\htdocs\Eventz.com\index.php on line 235 This is the login part of my index.php this tag is inside an html table below the login form I also have a registration form and its php code above the login form Code: [Select] <?php if (isset($_REQUEST['pass'])) { $id=$_POST['id']; $pass=$_POST['pass']; $conn =mysql_connect("localhost","root",""); if (!$conn) { die('Could not connect: ' . mysql_error()); } /* checking connection....success! */ $e=mysql_select_db('test', $conn); if(!$e) { die(''.mysql_error()); } else { echo 'database selected successfully'; } if (isset($_REQUEST['id']) || (isset($_REQUEST['pass']))) { if($_REQUEST['id'] == "" || $_REQUEST['pass']=="") { echo "login fields cannot be empty"; } else { $sql=mysql_query("Select email,password from login where email='$id' AND password='$pass'"); $count=mysql_num_rows($sql); if($count==1) /* $count checks if username and password are in same row */ { session_start(); $_SESSION['id']=$id; echo "</br>Login Successful</br>"; } else { echo "</br>invalid</br>"; echo "please try to login again</br>"; } } } } ?> Any help or suggestion would be appreciated I am having trouble resolving an error. Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/s519970/public_html/header.php:27) in /home/s519970/public_html/admin/login.php on line 2 What I can gather is I can't use "header (Location: 'admin.php')" after i've used session_start(). I have tried to replace the header (Location: 'admin.php') with this: echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; I've been trying to read up on solutions but haven't been able to get it sorted. If anyone can offer some advice that would be greatly appreciated as im new to php. Code: [Select] <?php session_start(); if(isset($_SESSION['user'])) echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; ?> <div id="loginform"> <form action="dologin.php" method="post"> <table> <tr> <td><span>Username:</span></td> <td><input type="text" name="username" /></td> </tr> <tr> <td><span>Password:</span></td> <td><input type="password" name="password" /></td> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="login" value="Login" /></td> </tr> </table> </form> </div> I have tried using require_once('yourpage.php'); before my <head></head> tags in the header document where I've specified the html information but this doesn't seem to work. I've been advised to use ob_start("ob_gzhandler"); but I am not sure how to implement this. Any advice is greatly appreciated! hi everyone. i'm wondering what the best way is to create a session variable and pass it to an iframe. i need to do something along these lines, but it doesn't seem to pass the ID. Any hints on how i should accomplish this? Code: [Select] session_start(); $_SESSION['ID']=$_GET['ID']; // id from previous page $ID=session_id(); <iframe src="iframepage.php?ID=<?php echo $ID; ?>" style="width:680px; height:200px;" noresize="noresize" frameborder="0" border="0" scrolling="Yes" allowtransparency="true" /> </iframe> I'm making a simple login system with MySQL and PHP (very simple, I'm just starting with PHP). The MySQL portion is done, but I need to ensure only people who are logged in can see certain content. To check if people are logged in, my website checks that they have the $_SESSION['user'] variable set. If it is set, then it lets them continue through the website, if not, it tells them to login. Is that enough security, or can people simply inject a session cookie into their browser to spoof that they are logged in? My idea was to generate a session key cookie when they login (just a random string of letters and numbers) and store that in the database, then on every page, check to make sure their session key is the same thing that's in the database. Is this necessary? It seems expensive. I'm missing something here. I have a form, and when the submit is pressed, the relevant post data inserts into table one, then I want the last insert id to insert along with other form data into a second table. The first table's still inserting fine, but I can't get that second one to do anything. It leapfrogs over the query and doesn't give an error. EDIT: I forgot to add an error: I get: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'usage, why VALUES ('14', '', '123', '','1234', '', '')' at line 1 query:INSERT INTO tbl_donar (donar_fname, donar_name, donar_address, donar_address2, donar_city, donar_state, donar_zip, donar_email, donar_phone, donar_fax, donar_company) VALUES ('test 14', 'asdfa', 'asdf', 'adf','asdf', '', '', '', '123', '', '') Code: [Select] if (empty($errors)) { require_once ('dbconnectionfile.php'); $query = "INSERT INTO tbl_donar (donar_fname, donar_name, donar_address, donar_address2, donar_city, donar_state, donar_zip, donar_email, donar_phone, donar_fax, donar_company) VALUES ('$description12', '$sn', '$description4', '$cne','$description5', '$description6', '$description7', '$description8', '$description9', '$description10', '$description11')"; $result = @mysql_query ($query); if ($result) { $who_donated=mysql_insert_id(); $query2 = "INSERT INTO tbl_donation (donor_id, donor_expyear, donor_cvv, donor_cardtype, donor_authorization, amount, usage, why) VALUES ('$who_donated', '$donate2', '$donate3', '$donate4','$donate5', '$donate6', '$donate7')"; $result2 = @mysql_query ($query2); if ($result2) {echo "Info was added to both tables! yay!";} echo "table one filled. Table two was not."; echo $who_donated; //header ("Location: http://www.twigzy.com/add_plant.php?var1=$plant_id"); exit(); } else { echo 'system error. No donation added'; Can anyone tell me why this is not INSERTing? My array data is coming out just fine.. I've tried everything I can think of and cannot get anything to insert.. Ahhhh! <?php $query = "SELECT RegionID, City FROM geo_cities WHERE RegionID='135'"; $results = mysqli_query($cxn, $query); $row_cnt = mysqli_num_rows($results); echo $row_cnt . " Total Records in Query.<br /><br />"; if (mysqli_num_rows($results)) { while ($row = mysqli_fetch_array($results)) { $insert_city_query = "INSERT INTO all_illinois SET state_id=$row[RegionID], city_name=$row[City] WHERE id = null" or mysqli_error(); $insert = mysqli_query($cxn, $insert_city_query); if (!$insert) { echo "INSERT is NOT working!"; exit(); } echo $row['City'] . "<br />"; echo "<pre>"; echo print_r($row); echo "</pre>"; } //while ($rows = mysqli_fetch_array($results)) } //if (mysqli_num_rows($results)) else { echo "No results to get!"; } ?> Here is my all_illinois INSERT table structu CREATE TABLE IF NOT EXISTS `all_illinois` ( `state_id` varchar(255) NOT NULL, `city_name` varchar(255) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; Here is my source table geo_cities structu CREATE TABLE IF NOT EXISTS `1` ( `CityId` varchar(255) NOT NULL, `CountryID` varchar(255) NOT NULL, `RegionID` varchar(255) NOT NULL, `City` varchar(255) NOT NULL, `Latitude` varchar(255) NOT NULL, `Longitude` varchar(255) NOT NULL, `TimeZone` varchar(255) NOT NULL, `DmaId` varchar(255) NOT NULL, `Code` varchar(255) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; Just curious how other people feel about this. I am working on an application where a lot of info is pulled from MySQL and needed on multiple pages.
Would it make more sense to...
1. Pull all data ONCE and store it in SESSION variables to use on other pages
2. Pull the data from the database on each new page that needs it
I assume the preferred method is #1, but maybe there is some downside to using SESSION variables "too much"?
Side question that's kind of related: As far as URLs, is it preferable to have data stored in them (i.e. domain.com/somepage.php?somedata=something&otherdata=thisdata) or use SESSION variables to store that data so the URLs can stay general/clean (i.e. domain.com/somepage.php)?
Both are probably loaded questions but any possible insight would be appreciated.
Thanks!
Greg
Edited by galvin, 04 November 2014 - 10:30 AM. Evening! I've been iffing and ahhing over this and well im not too sure, hence the post. Code: [Select] // Redirects if there is no session id selected and echos the error on the previous page if(!isset($_GET['get']) || ($_GET['getget'])){ header("Location: #.php?error"); } So it should simply check if get is set if it isnt then see if getget is set? If not redirect and show the error. Now ive tried it and even when get/getget is set it still redirects, probably something silly. Care to share anyone? Harry. Hello, I'm having a bit of a problem here, all help to this issues would be much appreciated I am trying to use text boxes to insert numbers into the database based on what is inputed. If I have a string, like this for example: $variable = 09385493; And I want to insert it into the database like this: mysql_query("INSERT INTO integers(number) VALUES ('$variable')"); When checking the integers table in my database, looking at the number field, the $variable that was inserted is outputted as 9385493 Notice the number zero was taken out of the front of the number. If the number is double 0's (009385493), both of those zero's would disappear, too. Thanks If i use session in my php code then for how much time the session will be valid... And how can i change the length of the session... Hello, I am interested in how the php can recognise a certain session when everytime i start session new id is created. For example i made this small script: session_start(); if( isset( $_SESSION['test'] ) ) { echo "test is set"; } else { $_SESSION['test'] = 'test'; echo "test is not set"; } My browser is closed. All files from /tmp folder where php default sessions files are stored in wamp are deleted. So i start the browser and it of course echoes "test is not set", then i check the folder and new session file is created. I then refresh the page and it normally echoes "test is set" but no new session files are created in /tmp folder. So now i close the browser and start it again. New file is created in /tmp although i used same browser. Now this new file has a different name than one previously created. So this time again it says "test it not set" and when i refresh the page it says "test is set" so my question is what logic is used by php to determine from which session file in /tmp folder to load session on page refresh when it creates a new id every time session is started ( browser opened ) even though the browser and ip are same. Thanks Pls tell me what is wrong? <?PHP include("dba.php"); function hvataj ($trazi, $id) { $upit = mysql_query ('select * from administrator where member_id = '.$id.''); return ( $row = mysql_fetch_assoc ($upit) ) ? $row[$trazi] : mysql_error (); } ?> I have parse error here on this line when I want to echo it: <?PHP echo "<img src='images/korisnik_slike/".hvataj('slika',$_SESSION['member_id']."' />"; ?> Hello I keep having this issue with sessions. I have an login feature on my website that uses sessions. When i do like this: 1. Login 2. close browser 3. open browser again 4. try to log in It fails, actually nothing happens, so I manually need to go to logout.php to reset and then I can log in again. Why is this happening and how do i solve it? How to add more data into $_SESSION? I have following code: Code: [Select] if(isset($_GET['poredi']) && $_GET['poredi'] == "upo"){ $idp = intval($_POST['idp']); $sql = "SELECT * FROM product WHERE product_id={$idp}"; $query=mysql_query($sql); if(mysql_num_rows($query)!=0){ $row=mysql_fetch_array($query); $_SESSION['poredi'] = $row['product_id']; } } On click it need to store more product_id, and after that i have to be able to do query with data (find all data with product_id)? Code: [Select] <?php session_start(); if(!session_is_registered(myusername)){ header("location:./default.php"); } ?> My session works fine but I am just wondering how I can echo the current sessions username? Thanks hello all, What I want to do is, make the session ID clickable in a url here Code: [Select] Login Successful <a href="user.php">Conitnue</a> so when a user logs in, his ID gets in the link of Continue so he can only see his information so for example, if his id is 10, then the url would be ....user.php?id=10 |
|||||||