Jump to content

Recommended Posts

Hi,

 

I have the following login script, once logged in I want to display the information that is present in the row for the 'username' that is logged in, how would I display that information.  I just need each field displaying - not in any loop: -

 

<?php
$host="localhost"; // Host name 
$username="xxxx"; // Mysql username 
$password="xxxx"; // Mysql password 
$db_name="xxxx"; // Database name 
$tbl_name="xxxx"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

modify your script so it has this:

<?php
$host="localhost"; // Host name 
$username="xxxx"; // Mysql username 
$password="xxxx"; // Mysql password 
$db_name="xxxx"; // Database name 
$tbl_name="xxxx"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION['username'] = $myusername;
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

now, from any page that is on that site, you can do this:

<?php
session_start();
print $_SESSION['username'];
?>

or manipulate it anyway you see fit, by calling the $_SESSION['username'] variable.

you must be logged in, using the modded script.  If not, then the session isn't set, and the session variable isn't set.  If you still have issues, then you guys might want to look at how your sessions are being stored, because you guys are having quite a few issues regarding session data being lost.

you use $_SESSIONS, because the beauty of the security of it.  It's all stored server-side, and is liked to that IP and browser session (they close the browser, poof--gone).  It's called a super variable for a reason.  Passing the data any other way is tedious, and you gotta remember on each page to have it passed.  Setting it in a session variable guarantees it's there when you need it.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.