Jump to content

Getting the user id/info from db after login

db530

By db530
in PHP Coding Help

Recommended Posts

db530 Newbie

db530

Posted
Posted

I'm still pretty new to PHP and actually haven't done it in a while so I'm a little rusty but here's my problem:

 

I have a login screen (that works) that goes to a screen with a form. I need to be able to get the user id of the user that's logged in so I can use it to query the database and insert the data in the form into the correct row of the table. I know it's a pretty simple thing to do I'm just blanking right now. Can anyone point me in the right direction?

cooldude832 Advanced Member

cooldude832

Posted
Posted

very poor example

 

Sessions shouldn't be populated from POST data but from Database results

example

<?php
session_start();
#assume a form 2 inputs username///password and connected to mysql server
$q = "Select UserID from `users` Where Username = '".mysql_real_escape_string($_POST['username'])."' and Password = '".md5($_POST['password'])."'";
$r = mysql_query($q) or die(mysql_error()."<br /><br />".$q);
if(mysql_num_rows($r) >0){
$row = mysql_fetch_assoc($r);
$_SESSION['UserData']['UserID'] = $row['UserID'];
}
else{
echo "Invalid Login Info.";
}
?>

db530 Newbie

db530

Posted
  • Author
Posted

very poor example

 

Sessions shouldn't be populated from POST data but from Database results

example

<?php
session_start();
#assume a form 2 inputs username///password and connected to mysql server
$q = "Select UserID from `users` Where Username = '".mysql_real_escape_string($_POST['username'])."' and Password = '".md5($_POST['password'])."'";
$r = mysql_query($q) or die(mysql_error()."<br /><br />".$q);
if(mysql_num_rows($r) >0){
$row = mysql_fetch_assoc($r);
$_SESSION['UserData']['UserID'] = $row['UserID'];
}
else{
echo "Invalid Login Info.";
}
?>

 

Thanks what was UserData supposed to be?

db530 Newbie

db530

Posted
  • Author
Posted

Here's my code on the login check page

 

<?php
$host="*******"; // Host name
$username="*******"; // Mysql username
$password="*******"; // Mysql password
$db_name="*******"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("Cannot connect to database...");
mysql_select_db("$db_name")or die("Cannot select database...");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT userid FROM $tbl_name WHERE name='$myusername' AND password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

$row = mysql_fetch_assoc($result);

// Store user id in session variable
$_SESSION['userid'] = $row['userid'];

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:draft.php");
//echo "$_SESSION[user]";
}
else {
echo "Wrong Username or Password";
}

?>
</body>
</html>

cooldude832 Advanced Member

cooldude832

Posted
Posted

I don't like to muddy the global scope of my session variable so I make an array for each item

example

<?php
$_SESSION['UserData']['UserID'] = 5;
$_SESSION['Userdata']['Username'] = "Bob";

$_SESSION['ShoppingCart']['CartID'] = 1254;
$_SESSION['ShoppingCart']['Name'] = "Cart 15";

$_SESSION['SiteVars']['Language'] = "English":
$_SESSION['SiteVars']['Resolution'] = "800x600";
?>

 

That way I don't have any crossing up problems

db530 Newbie

db530

Posted
  • Author
Posted

so when I do $row['userid'] does that get the value in the field 'userid'

 

I'm confused

 

 

I don't like to muddy the global scope of my session variable so I make an array for each item

example

<?php
$_SESSION['UserData']['UserID'] = 5;
$_SESSION['Userdata']['Username'] = "Bob";

$_SESSION['ShoppingCart']['CartID'] = 1254;
$_SESSION['ShoppingCart']['Name'] = "Cart 15";

$_SESSION['SiteVars']['Language'] = "English":
$_SESSION['SiteVars']['Resolution'] = "800x600";
?>

 

That way I don't have any crossing up problems

cooldude832 Advanced Member

cooldude832

Posted
Posted

yes, maybe you need to explore basic php/mysql tutorials before you dive in because if you can't follow that simple query how u ever gonna follow complex sql like

SET @n =5,
@i =0;
CREATE TEMPORARY TABLE `url_data` SELECT IF( MOD( @i , @n ) =0, CheckID, 'a' ) AS CheckID, @i := @i +1
FROM `urls_checks`
WHERE UrlID = '10'
ORDER BY urls_checks.Date ASC
LIMIT 100 ;
DELETE FROM `url_data` WHERE CheckID = 'a';
SELECT urls_checks.UrlID, urls_checks.CheckID, urls_checks.Date
FROM `url_data`
JOIN urls_checks
USING ( CheckID ) ;
DROP TABLE `url_data` ;

 

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.