Login script - display records after login.

[87dave87]

Hi,

 

I have the following login script, once logged in I want to display the information that is present in the row for the 'username' that is logged in, how would I display that information.  I just need each field displaying - not in any loop: -

 

<?php
$host="localhost"; // Host name 
$username="xxxx"; // Mysql username 
$password="xxxx"; // Mysql password 
$db_name="xxxx"; // Database name 
$tbl_name="xxxx"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

[genericnumber1]

http://www.phpfreaks.com/forums/index.php/topic,95441.0.html

http://www.phpfreaks.com/forums/index.php/topic,95443.0.html

[87dave87]

Okay, so how would I post $result from checklogin.php to login_success.php?

[sith717]

Dave, its the same one I am getting help on.

 

Lol...

 

 

[Maq]

You should have this information stored in a $_SESSION variable, that's what they are for.  Read up on sessions.  http://www.tizag.com/phpT/phpsessions.php

[jonsjava]

modify your script so it has this:

<?php
$host="localhost"; // Host name 
$username="xxxx"; // Mysql username 
$password="xxxx"; // Mysql password 
$db_name="xxxx"; // Database name 
$tbl_name="xxxx"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION['username'] = $myusername;
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

now, from any page that is on that site, you can do this:

<?php
session_start();
print $_SESSION['username'];
?>

or manipulate it anyway you see fit, by calling the $_SESSION['username'] variable.

[genericnumber1]

Jeeze jon you need to stop being so nice and taking the time to do the work for them! you're making us look bad

[Maq]

Jeeze jon you need to stop being so nice and taking the time to do the work for them! Smiley you're making us look bad

 

Hehe, yeah Jon!

[jonsjava]

I get bored. Budget is coming up, and I've already laid down my request for 1 Dell laptop, 2 Mac laptops, and 1 Fujitsu laptop. Out of things to do for today. hehe.

[87dave87]

thanks - and enjoy your macs

[87dave87]

<?php
session_start();
print $_SESSION['username'];
?>

 

&

 

<?php
session_start();
echo $_SESSION['username'];
?>

 

That doesn't throw up an error but doesn't show the username onto the page...?

[jonsjava]

you must be logged in, using the modded script.  If not, then the session isn't set, and the session variable isn't set.  If you still have issues, then you guys might want to look at how your sessions are being stored, because you guys are having quite a few issues regarding session data being lost.

[87dave87]

hmm, can i not just pass the username through to the loginsuccess page and then call the data for the usernames row?

[jonsjava]

you use $_SESSIONS, because the beauty of the security of it.  It's all stored server-side, and is liked to that IP and browser session (they close the browser, poof--gone).  It's called a super variable for a reason.  Passing the data any other way is tedious, and you gotta remember on each page to have it passed.  Setting it in a session variable guarantees it's there when you need it.

[87dave87]

I only need for the user to login to the 1 page which will be login_success.php and then call their information on that single page - is it worth doing in this scenario?