jaybeeb Posted October 23, 2008 Share Posted October 23, 2008 Ok, I have a working login form, the only thing the user enters in the form is username and password. But I want to carry the value 'id' which is in the user table along with the username and password to the next page so I can make the page unique for each user. 'id' is set up to auto-increment when each user registers. What I have at the moment is header("location:userpage.php?id=$id"); but I am not sure how to get the actual id of the user that logs in into that variable, it just comes up blank at the moment. Any help would be greatly appreciated... Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/ Share on other sites More sharing options...
realjumper Posted October 23, 2008 Share Posted October 23, 2008 Are you saying that every time a user logs in they get a new/different (auto increment) id? Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673026 Share on other sites More sharing options...
limitphp Posted October 23, 2008 Share Posted October 23, 2008 Your page isn't giong to be secure, because people could just mimick the url example: userpage.php?id=1 or userpage.php?id=2, etc... with the id="some number" and take over that user. Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673032 Share on other sites More sharing options...
DeanWhitehouse Posted October 23, 2008 Share Posted October 23, 2008 Why do it like that ? Why not make it unique for each user by storing there id in a session ? Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673034 Share on other sites More sharing options...
jaybeeb Posted October 23, 2008 Author Share Posted October 23, 2008 Are you saying that every time a user logs in they get a new/different (auto increment) id? Hi, No - everytime a user registers they get a unique 'id' I want to use this id to display the info relevant to each user. Just need a way of getting the id into a variable, so when the user clicks login, the variable goes with them and I can use it on the next page they go to. Your page isn't giong to be secure, because people could just mimick the url example: userpage.php?id=1 or userpage.php?id=2, etc... with the id="some number" and take over that user. Why do it like that ? Why not make it unique for each user by storing there id in a session ? To be honest, i am just beggining php, this is just for a small assignment, if storing the id in a session is a simple enough proccess I would like to hear it if you wouldnt mind? Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673041 Share on other sites More sharing options...
DeanWhitehouse Posted October 23, 2008 Share Posted October 23, 2008 Ok, Put session_start(); on the top of everypage , then put on the login where the header is $_SESSION['id'] = $id; Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673046 Share on other sites More sharing options...
realjumper Posted October 23, 2008 Share Posted October 23, 2008 To be honest, i am just beggining php, this is just for a small assignment, if storing the id in a session is a simple enough proccess I would like to hear it if you wouldnt mind? Have a look here: http://www.tizag.com/phpT/phpsessions.php Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673047 Share on other sites More sharing options...
jaybeeb Posted October 23, 2008 Author Share Posted October 23, 2008 Ok, Put session_start(); on the top of everypage , then put on the login where the header is $_SESSION['id'] = $id; ok, thanks. But now how do I make it so each user has their own unique page when they login. Like to say "Hello '$username' you are now logged in" before I was just going to do an sql statement calling the 'id' Thanks for the help. Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673065 Share on other sites More sharing options...
DeanWhitehouse Posted October 23, 2008 Share Posted October 23, 2008 Yes, on the page you can do $id = $_SESSION['id']; $sql = mysql_query("SELECT * FROM table WHERE id ='".$id."'"); Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673068 Share on other sites More sharing options...
jaybeeb Posted October 23, 2008 Author Share Posted October 23, 2008 ok, thanks for the help. just incase I dont manage the sessions too well. How would I go about the way I was going to do it (the unsecure way)? Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673081 Share on other sites More sharing options...
DeanWhitehouse Posted October 23, 2008 Share Posted October 23, 2008 $id = $_GET['id']; $id = stripslashes($id); Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673096 Share on other sites More sharing options...
jaybeeb Posted October 23, 2008 Author Share Posted October 23, 2008 no, its still the same doesnt grab the id from the user table Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673119 Share on other sites More sharing options...
DeanWhitehouse Posted October 23, 2008 Share Posted October 23, 2008 Echo out $id Echo $id; Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673121 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.