Members login help

[fife]

Hi.  I am very new to all of php, mysql and the program dreamweaver.  I am teaching how to use all of this at the same time! Now, I have created a website with a login page and all the relevant forms to create an account.  It all works perfectly.  Now i am having trouble understanding the next bit.  Heres what i want;

 

I would like the next page after you log in to display all of your personal details and ONLY your personal details.  Can someone tell me how to do this or where i can learn it.  Sorry if that explaination is not good enough.  If someone can help i am willing to go into more detail on my database and webpage.  Thank you

[trq]

You would simply create a profile.php script which queries the database based on a users id stored within the $_SESSION array upon login. eg;

 

session_start();

if (isset($_SESSION['userid'])) {

  $sql = "SELECT name,data FROM users WHERE id = '{$_SESSION['userid']}'";

  // execute query and display the page.

} else {

  // user not logged in.

}

[DarkWater]

Yes, you could do that, and you could also just have it check a $_GET parameter (the ID) and check it against the information in the database and displays it.

[JD*]

Sessions are a bit more secure, DarkWater, because you can change a $_GET variable in the URL and there is nothing to check against so that the user can only see their profile.

 

Having a session can (somewhat) ensure that they can only see their own information.

[thatsgreat2345]

I'd recommend looking at some that are already out there such as this one. To get ideas and to see how they did things.

http://www.evolt.org/article/PHP_Login_System_with_Admin_Features/17/60384/index.html

[DarkWater]

@JD*: Yeah, for only viewing your own information sessions would be better, but I figured he wants a true "profile" page where you can view only one person's info at a time and he worded it incorrectly.  In that case GET would be better.

[JD*]

@JD*: Yeah, for only viewing your own information sessions would be better, but I figured he wants a true "profile" page where you can view only one person's info at a time and he worded it incorrectly.  In that case GET would be better.

 

Ah, I see what you're saying. I think he's looking for the former, though, like on this board where you can only see your own profile (and probably edit it), but you're correct, $_GET would be better used to only see one profile at a time for others.

[TheBigRedStapler]

To make like a real session where the info will carry you'll prolly need to first get the data from POST or GET variables http://us2.php.net/manual/en/reserved.variables.post.php.

Then you want to check that against a MySQL database and save it into session variables (if it matches the DB), and then make a script to check it like thorpe was saying.

 

Check out the variables listed on the top left side of the page above, especially in your case $_POST, $_GET and $_SESSION.

Remember also that you have to use a session_start() call at the TOP (or at least before output I think) of any page that you want to use sessions on.

 

Here's some tutorials on this stuff..

http://www.w3schools.com/PHP/php_mysql_intro.asp -- MySQL Query Syntax Examples

http://www.tizag.com/phpT/phpsessions.php -- PHP Sessions

http://phpeasystep.com/phptu/6.html -- Login Page Example

http://us.php.net/security.database.sql-injection -- About Security..

http://us2.php.net/mysql_real_escape_string -- More to do with security..

 

And remember to check out http://php.net...

You can lookup any function you want and see how it works, the functions you'll need to use in conjunction with it AND examples- really neat stuff...

 

Anyways HTH

 

[DarkWater]

Well, now it's just speculation, so we need to wait for the guy to post back. =P

[DeanWhitehouse]

wow, most of the replys are darkwater and js having a discussion.

I would say that he should use sessions, and then have another page with visible profiles on and use get, but that is my preference.

[fife]

hey everyone.  Thank you for all your help.  Yes you are right.  I would like a page that displays many details of the particular person that logs in.  I will go through all your comments very carefully and study what i need to know.  Thank you all for all your help.  Im sure you will all be hearing from me again very soon! lol.

 

fife