Jump to content

Getting the user id/info from db after login

db530

By db530
in PHP Coding Help

 Share

Recommended Posts

db530 Newbie

db530

Posted
Posted

I'm still pretty new to PHP and actually haven't done it in a while so I'm a little rusty but here's my problem:

 

I have a login screen (that works) that goes to a screen with a form. I need to be able to get the user id of the user that's logged in so I can use it to query the database and insert the data in the form into the correct row of the table. I know it's a pretty simple thing to do I'm just blanking right now. Can anyone point me in the right direction?

Link to comment
Share on other sites
cooldude832 Advanced Member

cooldude832

Posted
Posted

very poor example

 

Sessions shouldn't be populated from POST data but from Database results

example

<?php
session_start();
#assume a form 2 inputs username///password and connected to mysql server
$q = "Select UserID from `users` Where Username = '".mysql_real_escape_string($_POST['username'])."' and Password = '".md5($_POST['password'])."'";
$r = mysql_query($q) or die(mysql_error()."<br /><br />".$q);
if(mysql_num_rows($r) >0){
$row = mysql_fetch_assoc($r);
$_SESSION['UserData']['UserID'] = $row['UserID'];
}
else{
echo "Invalid Login Info.";
}
?>

Link to comment
Share on other sites
db530 Newbie

db530

Posted
  • Author
Posted

very poor example

 

Sessions shouldn't be populated from POST data but from Database results

example

<?php
session_start();
#assume a form 2 inputs username///password and connected to mysql server
$q = "Select UserID from `users` Where Username = '".mysql_real_escape_string($_POST['username'])."' and Password = '".md5($_POST['password'])."'";
$r = mysql_query($q) or die(mysql_error()."<br /><br />".$q);
if(mysql_num_rows($r) >0){
$row = mysql_fetch_assoc($r);
$_SESSION['UserData']['UserID'] = $row['UserID'];
}
else{
echo "Invalid Login Info.";
}
?>

 

Thanks what was UserData supposed to be?

Link to comment
Share on other sites
db530 Newbie

db530

Posted
  • Author
Posted

Here's my code on the login check page

 

<?php
$host="*******"; // Host name
$username="*******"; // Mysql username
$password="*******"; // Mysql password
$db_name="*******"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("Cannot connect to database...");
mysql_select_db("$db_name")or die("Cannot select database...");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT userid FROM $tbl_name WHERE name='$myusername' AND password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

$row = mysql_fetch_assoc($result);

// Store user id in session variable
$_SESSION['userid'] = $row['userid'];

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:draft.php");
//echo "$_SESSION[user]";
}
else {
echo "Wrong Username or Password";
}

?>
</body>
</html>

Link to comment
Share on other sites
cooldude832 Advanced Member

cooldude832

Posted
Posted

I don't like to muddy the global scope of my session variable so I make an array for each item

example

<?php
$_SESSION['UserData']['UserID'] = 5;
$_SESSION['Userdata']['Username'] = "Bob";

$_SESSION['ShoppingCart']['CartID'] = 1254;
$_SESSION['ShoppingCart']['Name'] = "Cart 15";

$_SESSION['SiteVars']['Language'] = "English":
$_SESSION['SiteVars']['Resolution'] = "800x600";
?>

 

That way I don't have any crossing up problems

Link to comment
Share on other sites
db530 Newbie

db530

Posted
  • Author
Posted

so when I do $row['userid'] does that get the value in the field 'userid'

 

I'm confused

 

 

I don't like to muddy the global scope of my session variable so I make an array for each item

example

<?php
$_SESSION['UserData']['UserID'] = 5;
$_SESSION['Userdata']['Username'] = "Bob";

$_SESSION['ShoppingCart']['CartID'] = 1254;
$_SESSION['ShoppingCart']['Name'] = "Cart 15";

$_SESSION['SiteVars']['Language'] = "English":
$_SESSION['SiteVars']['Resolution'] = "800x600";
?>

 

That way I don't have any crossing up problems

Link to comment
Share on other sites
cooldude832 Advanced Member

cooldude832

Posted
Posted

yes, maybe you need to explore basic php/mysql tutorials before you dive in because if you can't follow that simple query how u ever gonna follow complex sql like

SET @n =5,
@i =0;
CREATE TEMPORARY TABLE `url_data` SELECT IF( MOD( @i , @n ) =0, CheckID, 'a' ) AS CheckID, @i := @i +1
FROM `urls_checks`
WHERE UrlID = '10'
ORDER BY urls_checks.Date ASC
LIMIT 100 ;
DELETE FROM `url_data` WHERE CheckID = 'a';
SELECT urls_checks.UrlID, urls_checks.CheckID, urls_checks.Date
FROM `url_data`
JOIN urls_checks
USING ( CheckID ) ;
DROP TABLE `url_data` ;

 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.