|
PHP - Session And User Data
Hi, I have stored user data in the database, but I think I need to somehow grab the "id" of the username, and use that in a SESSION when they log in, so that I can pull up the user information in the database for that particular user when they log in. and do that for everyone when they log in. My idea is
user logs in Something like "grab the user "id" linked to this user, and add that value to "$currentUser", then somehow when it is time to show their user profile page, I do something like "display all field data where username=$currentUser. I don't know I am confused, any help plus code would be great if anyone can help, or just the pseudocode would be good. I hope I explained it right. thanks. Similar TutorialsHello, i've got some shop script which has 2 payment modules which i'd like to use for something else, the payment modules only work if the user is logged in though, i tried to make them standalone scripts but that didn't work out too well. So now i decided to go another way and just let everyone have the same session so everyone will be using the same username&password automatically. the index file looks like this: Code: [Select] <?php include('./inc/config.php'); include('./inc/functions.php'); include('./lang/'.$language.'.lng'); $id = addslashes($_REQUEST["id"]); $user = addslashes($_REQUEST["username"]); $pass = addslashes($_REQUEST["password"]); $language = strtolower($language); if(empty($id)) $id =1; $file = mysql_query('SELECT * FROM navi_'.$language.' WHERE id="'.$id.'"'); if(mysql_num_rows($file)>0) $file = mysql_fetch_array($file); else $file = mysql_fetch_array(mysql_query('SELECT * FROM navi_'.$language.' WHERE id="404"')); if(!empty($user) AND !empty($pass)) {$query = mysql_query('SELECT * FROM users WHERE username="'.$user.'" AND pass="'.md6($pass).'"'); if(mysql_num_rows($query) == 1) {$_SESSION[$session_prefix."user"] = ucfirst($user); echo'<meta http-equiv="refresh" content="0; url=index.php?id=8">';} else $error = 'Username oder Passwort ist falsch.';} include('./designe/'.$designe.'/head.tpl'); include('./designe/'.$designe.'/navi.php'); include('./designe/'.$designe.'/middle.tpl'); if(file_exists('./pages/'.$file["file"])) {echo'<h1>'.ucfirst($file["title"]).'</h1>'; include('./pages/'.$file["file"]);} if(!empty($error)) echo '<font color="red">'.$error.'</font>'; include('./designe/'.$designe.'/foot.tpl'); ?> Now i tried alot of things including adding: Code: [Select] session_start(); $_SESSION["username"] = "peter"; $_SESSION["user"] = "peter"; $_SESSION["id"] = "1"; $_SESSION["pass"] = "peter"; $_SESSION["password"] = "peter"; or Code: [Select] $id = "1"; $user = "peter"; $username = "peter"; $pass = "peter"; $password = "peter"; also a combination of both, nothing works, but i don't understand why ? Any help is appreciated. /Edit, i tried adding it to the paymentmodule .php aswell, but no luck. I have two tables. Table Name:Users Fields: User_name user_email user_level pwd 2.Reference Fields: refid username origin destination user_name in the users table and the username field in reference fields are common fields. There is user order form.whenever an user places an order, refid field in reference table will be updated.So the user will be provided with an refid Steps: 1.User needs to log in with a valid user id and pwd 2.Once logged in, there will be search, where the user will input the refid which has been provided to him during the time of order placement. 3.Now User is able to view all the details for any refid 3.Up to this we have completed. Query: Now we need to retrieve the details based on the user logged in. For eg: user 'USER A' has been provided with the referenceid '1234' during the time of order placement user 'USER B' has been provided with the referenceid '2468' during the time of order placement When the userA login and enter the refid as '2468' he should not get any details.He should get details only for the reference ids which is assigned to him. <?php session_start(); if (!$_SESSION["user_name"]) { // User not logged in, redirect to login page Header("Location: login.php"); } $con = mysql_connect('localhost','root',''); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("login", $con); $user_name = $_POST['user_name']; $refid = $_POST['refid']; $query = "SELECT * from reference,users WHERE reference.username=users.user_name AND reference.refid='$refid' AND "; $result = mysql_query($query) or trigger_error('MySQL encountered a problem<br />Error: ' . mysql_error() . '<br />Query: ' . $query); while($row = mysql_fetch_array($result)) { echo $row['refid']; echo $row['origin']; echo $row['dest']; echo $row['date']; echo $row['exdate']; echo $row['username']; } echo "<p><a href=\"logout.php\">Click here to logout!</a></p>"; ?> <html> <form method="post" action="final.php"> Ref Id:<input type="text" name="refid"> <input type="submit" value="submit" name="submit"> </html> Say there is a complex opt in process where people start to enter their data but certain questions stop them where they close out of the page. They already entered their data and I feel there is a way to grab it and post it to mysql even though they do not click submit.
How would this be done?
A super simple example (proof of concept) or a link to a tutorial would be very useful.
Edited by brentman, 23 September 2014 - 10:42 AM. Hi guys I need to know how i can create a session for userid from my database, I have done the session for username but not being able to do it for user name, here is my code. my database table is called users and I can login successfully, but i tried few code and it wont show the user id, the column for user id is 'id' <?php include 'global.php'; $session_username = $_SESSION['username']; if ($_POST['login']) { //get form data $username = addslashes(strip_tags($_POST['username'])); $password = addslashes(strip_tags($_POST['password'])); if (!$username||!$password) echo "Enter a username and password"; else { //log in $login = mysql_query("SELECT * FROM users WHERE username='$username'"); if (mysql_num_rows($login)==0) echo "No such user"; else { while ($login_row = mysql_fetch_assoc($login)) { //get database password $password_db = $login_row['password']; //encrypt form password $password = md5($password); //check password if ($password!=$password_db) echo "Incorrect password"; else { //check if active $active = $login_row['active']; $email = $login_row['email']; if ($active==0) echo "You haven't activated your account, please check your email ($email)"; else { $_SESSION['username']=$username; //assign session header('Location:my.php'); } } } } } } else { if (isset($session_username)) { echo "You are logged in, $session_username., <a href='logout.php'>Log out</a>"; } else { echo " <form action='index.php' method='POST'> Username: <input type='text' name='username'><p /> Password: <input type='password' name='password'><p /> <input type='submit' name='login' value='Log in'> </form> "; } } ?> thanks is it necessary to store users session on db? if so please explain someone why? and block multiple session login. say if im logged in and someone else tries to log into my id from some other place how would i stop that to happen? any idea and example would be appreciated. This will be a little difficult to explain, but keep with me. On the profile.php page. It starts a new session. Code: [Select] // Connect to MySQL... $conn = mysql_connect($hostname, $username, $password) or die("Connecting to MySQL failed"); mysql_select_db($database, $conn) or die("Selecting MySQL database failed"); // Run our query, see if session username exists in session field... $sql="select username,email from user where username='{$_SESSION['user']}' limit 1"; $result=mysql_query($sql,$conn); // Parse our results into $data (as an associative array)... $data=mysql_fetch_assoc($result); // If one row was found in the result set, username exists... if (mysql_num_rows($result)==1) { $_SESSION['sellername'] = $data['username']; So what I am hoping that is doing, is the session named "sellername" is stored with the variable of the logged in user. In this example "testuser". Now the page updates.php will have an id attached to like so: updates.php?id=13. Which will have info only available for testuser's eyes. On the page it does this. Code: [Select] // Connect to MySQL... $conn = mysql_connect($hostname, $username, $password) or die("Connecting to MySQL failed"); mysql_select_db($database, $conn) or die("Selecting MySQL database failed"); // Run our query, see if session username exists in session field... $sql="select username from user where username='{$_SESSION['user']}' limit 1"; $result=mysql_query($sql,$conn); // Parse our results into $data (as an associative array)... $data=mysql_fetch_assoc($result); // If one row was found in the result set, username exists... if (mysql_num_rows($result)==1) { $query='select seller from listings where seller = "'.$data['username'].'"'; $queryresult=mysql_query($query,$conn); while($info = mysql_fetch_assoc($queryresult)){ if ( $_SESSION['sellername'] == $info['seller'] ){ The if statement should process: "If the session variable for 'sellername' equals the database entry 'seller' then display the rest of the page." However, no matter what user is logged, it will display the page. Any ideas? Hello all, I have a membership website which is using sessions... and ive been asked to add some promotion points system. So that each user is able to see how many promotion points they have... Now, I'm a beginner in mysql and php, but feel I'm learning fairly quickly. What I need help with, is to be able to display the amount of promotion points for the logged in user. I created a new field in my "essenti1_Users" table for the promotion code. database is called "essenti1_membership" table is "essenti1_Users" feild is "promo" I think im going to have to manually add the points to each user manually through phpMyAdmin Navicat unfortunatly. Unless anyone has any other ideas just for adding the points to each user account? ziggynerja is online now Add to ziggynerja's Reputation Report Post Edit/Delete Message i have my upload process working that uploads documents to the server and then displays in onto the user page like this:
<?php
function find_all_files($dir)
{
$root = scandir($dir);
foreach($root as $value)
{
if($value === '.' || $value === '..') {continue;}
if(is_file("$dir/$value")) {$result[]="$dir/$value";
continue;
}
foreach(find_all_files("$dir/$value") as $value)
{
$result[]=$value;
}
}
return $result;
}
$fileupload = 'fileupload';
$getem = find_all_files($fileupload);
foreach($getem as $key => $value)
{
echo '<a href="'.$value.'">'.$value.'</a><br />';
}
?>
<?php
if($handle = opendir('members/')) {
while (false !== ($entry = readdir($handle))) {
if($entry != "." && $enrty != "..") {
echo "<a href='download.php?file=".$entry."'>".$entry."</a>\n";
}
}
closedir($handle);
}
?>
here they can download the files to their computer however is there a way to only display the file of the user that is logged in through their session?
Login.php Code: [Select] <?php session_start(); mysql_connect("localhost","root") or die(mysql_error()); mysql_select_db("cute") or die(mysql_error()); $username = $_POST['username']; $password = $_POST['pass']; if (isset($_POST["submit"])) { $log = "SELECT * FROM regis WHERE username = '$username'"; $login = mysql_query($log); $row = mysql_fetch_array($login); $number = mysql_num_rows($login); if ($number > 0) { $_SESSION['username'] = $row['username']; $_SESSION['userlevel'] = $row['userlevel']; if($_SESSION['userlevel']==1) { $_SESSION['is_logged_in'] == 1; header("Location: form2.php"); } else if($_SESSION['userlevel']== 0) { $_SESSION['is_logged_in'] == 1; header("Location: registration.php"); } } Registration.php Code: [Select] <?php echo 'Welcome:' .$_SESSION['is_logged_in'];?> form2.php Code: [Select] <?php session_start(); if (empty($_SESSION['is_logged_in'])) { header("Location:chatframe.php"); die(); // just to make sure no scripts execute } ?> <?php mysql_connect("localhost","root") or die(mysql_error()); mysql_select_db("cute") or die(mysql_error()); $message=$_POST['message']; $a=$_SESSION['username']; if(isset($_POST['submit'])) //if submit button push has been detected { if(strlen($message)>1) { $message=strip_tags($message); $IP=$_SERVER["REMOTE_ADDR"]; //grabs poster's IP $checkforbanned="SELECT IP from ipbans where IP='$IP'"; $checkforbanned2=mysql_query($checkforbanned) or die("Could not check for banned IPS"); if(mysql_num_rows($checkforbanned2)>0) //IP is in the banned list { print "You IP is banned from posting."; } else { $thedate = date("U"); //grab date and time of the post $insertmessage="INSERT into chatmessages (name,IP,postime,message) values('$a','$IP','$thedate','$message')"; mysql_query($insertmessage) or die("Could not insert message"); } } } ?> <html> <head> <script type="text/javascript"> function addsmiley(code) { var pretext = document.smile.message.value; this.code = code; document.smile.message.value = pretext + code; } function a() { var x = document.smile.message.value; if(x=="") { alert("Please insert an message!"); return false; } } </script> <style type="text/css"> body{ background-color: #d8da3d } </style> </head> <body> <form name="smile" method="post" action="form2.php" onSubmit="return a()" > Your message:<br><textarea name='message' cols='40' rows='2'></textarea><br> <img src="smile.gif" alt=":)" onClick="addsmiley(':)')" style="cursor:pointer;border:0" /> <img src="blush.gif" alt=":)" onClick="addsmiley('*blush*')" style="cursor:pointer;border:0" /> <input type='submit' name='submit' value='Send' class='biasa' ></form> <br> <br> </body> </html> In this registration.php when im called back its appear nothing im means the number is not showing and the login code even im had also put the "$_SESSION['is_logged_in'] == 1;" outside if else userlevel statement and then i put $d= $_SESSION['is_logged_in'] == 1; and im echoing back but it is nothing im thinks something wrong in session is login and also still it cannot redirect to admin -form2.php when session is login in is 1 Unfortunately I have no code for this yet cuz I don;t even know if its possible... I am programming an application that is used by a couple of stores, which could end up being a lot of stores. Anyways, the basis is that the stores would, though a separate application (and therefore separate database) create a username and password, I now want to use this username and password to do the following 1. Allow them to login to my application using the same username and password 2. I want the store the username in a session to pull tables based on the username from my database For instance, a user has the login store123, after loggin in it now pulls the information from the tables store123_items, store123_prices, store123_settings, etc. Now my database will have quite a lot of store###_tables I am, sadly, a noobie to PHP and I do recall seeing an article (somewhere on the net, and I stupidly forgot to bookmark it, knowing I would need it eventually) on how to access multiple databases easily. Now because they are both under my account I can use the same username and password for both, its accessing the MySQL username/password database and storing the info I know I am lacking on how to do it. Any ideas? show list of files uploaded by current session user to the database. I want to show different users when they log in to the website...they can see a list of old files that they have uploaded. can anyone tell me the code/script to this.....please, ty Hello All, I have a PHP web application which will refresh itself(ajax calls connecting to the server and get the latest data) periodically. These also update the Database-based session handler class. i.e. There is NO UPDATE to the session data but the timestamp is constantly updated. Our problem is that garbage collection does not kick in as it looks at the difference between timestamp and session_gc.maxlifetime. So, if and the user is not interacting with the application. Now my question is how can I force the timeout even though refreshing happens but the user is not interacting with the application and there are "phantom" session updates made by these ajax calls. Please let me know. Thanks. Ok guys and girls, What I am tryting to do is when a user logs into my site and starts a session I would like to display some information about that user. The information displayed needs to be dynamic as this site will only have a few users buy I dont users viewing other users information. So far I have this code to process the login and start the session: <?php include("php/dbconnect.php"); //connects to the database when connected //get the username and password from the login form on the index page $username=$_POST['username']; $password=$_POST['password']; //stop an MySQL Injection by removing slashes and real_escape $myusername = stripslashes($username); $mypassword = stripslashes($password); $myusername = mysql_real_escape_string($username); $mypassword = mysql_real_escape_string($password); //Select users from the database that match the password and username $sql="SELECT * FROM users WHERE username='$username' and password='$password'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" or such file session_register("username"); session_register("password"); session_start(); //echo section test //echo "details ok"; header("Location: http://webdev/schools/hhs/psy_bookings/memberspage.php"); } else { echo "Wrong Username or Password"; } mysql_free_result($result); ?> And when they successfuly login into the members page to keep the session active I have the following code: <?php //////////////////////check the the user has logged in and allowed to view the pages/////////////////////// session_start(); //check to make sure the session variable is registered if(session_is_registered('username')){ //the session variable is registered, the user is allowed to see anything that follows echo 'Welcome, you are still logged in.';//test echo } else{ //the session variable isn't registered, send them back to the login page header( "Location: http://webdev/schools/hhs/psy_bookings/" ); } ////////////////////////////////////end of session data code/////////////////////////////////////////////// ?> What I would like is to be able to display the users name on the page and maybe call their email from the db. Thanks in advance as always I run MAMP and would like to know where I can find and view the data stored in my Sessions? Any ideas? Thanks, Debbie Trying to create a simple login page (and my code is embarassingly disgraceful at this point). In simple terms, I have start_session on three pages. The first page asks for name, the second for password, the third welcomes user. The second page contains $name=$POST['name']; $_SESSION['name']= $name; When I access the page 2, the name is echoed with a greeting and request for password. But after a password submission (whether correct or incorrect) the $name disappears. I am at a loss for why it is not being refreshed or maintained in the session. Any ideas for me? merry christmas everybody
i have shopping basket, i put many items in it per session.
i want get the heighst shipping1 value from session but i dont know how.
i tryed last 3 day without success.
now i get the following value for shipping1
2
3.90
5
6.90
but i see only 6.90 as it is the heighst shipping1 in basket.
thank you very much for your help
here is my code
foreach ($_SESSION["products"] as $cart_itm)
{
$inventor = $cart_itm["code"];
$shippall = $cart_itm["shipping1"];
$query1 = "SELECT MAX(shipping1) FROM $table1 WHERE inventar='$inventor'";
$result1 = $link1->query($query1) or die ("Database Error!");
$row = mysqli_fetch_row($result1);
echo $shippall."<br>";
}
Alright, So i want to pass a session from www.mysite.com to mobile.mysite.com And i'm doing so by calling this on the top of every page on each site: <?php session_set_cookie_params(360000, "/",".mysite.com"); session_start(); print_r($_SESSION); ?> yet, the session data that is set on one subdomain is NOT printed on the other subdomain. I've even tried destroying the sessions several times to start over. But it won't work. What could be up? Thanks I want to use session to do a query and will I be able to do this? I have a session that was gathered from login and now i was to use this session to do a query If Yes, How? Hello, I've been hacking at this for about 5 hours, and have been unable to get my session data to pass through to the 3rd page. Here is my code. As you can see I've been trying all types of variation of retrieval. On page 2 I can pull the data from page 1 fine with REQUEST or the longer version.. But for some reason page 3 will not display the first_name and last_name... I'm desperate at this point. I have not been able to find a working answer. I'm running php 5 w/ trans... OFF (default) in .ini. Page 1 Code: [Select] <?php session_start(); ?> <?php $PHPSESSID = session_id(); echo "<strong>Session ID:</strong> $PHPSESSID"; "<br /><br />"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>0</title> </head> <body> <form method="post" action="multi_page_post_2.php"> <label>First Name</label> <input name="first_name" value="" width="50" type="text" /> <br /><br /> <label>Last Name</label> <input name="last_name" value="" width="50" type="text" /> <br /><br /> <input type="submit" name="submit" value="Enter your Data - Continue to Step 2 >>" /> </form> </body> </html> Page 2 Code: [Select] <?php session_start(); ?> <?php $PHPSESSID = session_id(); echo "<strong>Session ID:</strong> $PHPSESSID"; $first_name = $_REQUEST['first_name']; echo $first_name; ?> <?php echo "<br /><br />"; print_r($_SESSION); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Step 2</title> </head> <body> <h2>Step 2 - Is this data correct?</h2> <hr /> <strong>First Name:</strong> <?php echo $_SESSION['first_name'] = $_POST['first_name']; ?> <br /><br /> <strong>Last Name:</strong> <?php echo $_SESSION['last_name'] = $_POST['last_name']; ?> <br /><br /> <form method="post" action="multi_page_post_3.php"> <label>Sons First Name: </label> <input name="sons_first_name" value="" width="50" type="text" /> <br /><br /> <input type="submit" name="submit" value="YES! Continue to Step 3 >>" /> <input type="hidden" name="PHPSESSID" value="<?php echo $PHPSESSID ?>" /> <input type="button" value="No! Back to Previous Page" onClick="javascript: history.go(-1)"> </form> <br /><br /> <a href="" onclick="<?php session_destroy(); ?>">Session D E S T R O Y !</a> </body> </html> Page 3 Code: [Select] <?php session_start(); ?> <?php $PHPSESSID = session_id(); echo "<strong>Session ID:</strong> $PHPSESSID"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Step 3</title> </head> <body> <h2>Step 3 - Is this data correct?</h2> <hr /> <strong>First Name:</strong> <?php echo $_SESSION['first_name'] = $_REQUEST['first_name']; ?> <br /><br /> <strong>Last Name:</strong> <?php echo $_SESSION['last_name']; ?> <br /><br /> <strong>Sons First Name:</strong> <?php echo $_REQUEST['sons_first_name']; ?> <br /><br /> <form method="post" action="multi_page_post_4.php"> <input type="hidden" name="PHPSESSID" value="<?php echo $PHPSESSID ?>" /> </form> <br /><br /> <a href="" onclick="<?php session_destroy(); ?>">Session D E S T R O Y !</a> </body> </html> |
|||||||