jaybeeb Posted October 23, 2008 Share Posted October 23, 2008 Ok, I have a working login form, the only thing the user enters in the form is username and password. But I want to carry the value 'id' which is in the user table along with the username and password to the next page so I can make the page unique for each user. 'id' is set up to auto-increment when each user registers. What I have at the moment is header("location:userpage.php?id=$id"); but I am not sure how to get the actual id of the user that logs in into that variable, it just comes up blank at the moment. Any help would be greatly appreciated... Quote Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/ Share on other sites More sharing options...
realjumper Posted October 23, 2008 Share Posted October 23, 2008 Are you saying that every time a user logs in they get a new/different (auto increment) id? Quote Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673026 Share on other sites More sharing options...
limitphp Posted October 23, 2008 Share Posted October 23, 2008 Your page isn't giong to be secure, because people could just mimick the url example: userpage.php?id=1 or userpage.php?id=2, etc... with the id="some number" and take over that user. Quote Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673032 Share on other sites More sharing options...
DeanWhitehouse Posted October 23, 2008 Share Posted October 23, 2008 Why do it like that ? Why not make it unique for each user by storing there id in a session ? Quote Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673034 Share on other sites More sharing options...
jaybeeb Posted October 23, 2008 Author Share Posted October 23, 2008 Are you saying that every time a user logs in they get a new/different (auto increment) id? Hi, No - everytime a user registers they get a unique 'id' I want to use this id to display the info relevant to each user. Just need a way of getting the id into a variable, so when the user clicks login, the variable goes with them and I can use it on the next page they go to. Your page isn't giong to be secure, because people could just mimick the url example: userpage.php?id=1 or userpage.php?id=2, etc... with the id="some number" and take over that user. Why do it like that ? Why not make it unique for each user by storing there id in a session ? To be honest, i am just beggining php, this is just for a small assignment, if storing the id in a session is a simple enough proccess I would like to hear it if you wouldnt mind? Quote Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673041 Share on other sites More sharing options...
DeanWhitehouse Posted October 23, 2008 Share Posted October 23, 2008 Ok, Put session_start(); on the top of everypage , then put on the login where the header is $_SESSION['id'] = $id; Quote Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673046 Share on other sites More sharing options...
realjumper Posted October 23, 2008 Share Posted October 23, 2008 To be honest, i am just beggining php, this is just for a small assignment, if storing the id in a session is a simple enough proccess I would like to hear it if you wouldnt mind? Have a look here: http://www.tizag.com/phpT/phpsessions.php Quote Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673047 Share on other sites More sharing options...
jaybeeb Posted October 23, 2008 Author Share Posted October 23, 2008 Ok, Put session_start(); on the top of everypage , then put on the login where the header is $_SESSION['id'] = $id; ok, thanks. But now how do I make it so each user has their own unique page when they login. Like to say "Hello '$username' you are now logged in" before I was just going to do an sql statement calling the 'id' Thanks for the help. Quote Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673065 Share on other sites More sharing options...
DeanWhitehouse Posted October 23, 2008 Share Posted October 23, 2008 Yes, on the page you can do $id = $_SESSION['id']; $sql = mysql_query("SELECT * FROM table WHERE id ='".$id."'"); Quote Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673068 Share on other sites More sharing options...
jaybeeb Posted October 23, 2008 Author Share Posted October 23, 2008 ok, thanks for the help. just incase I dont manage the sessions too well. How would I go about the way I was going to do it (the unsecure way)? Quote Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673081 Share on other sites More sharing options...
DeanWhitehouse Posted October 23, 2008 Share Posted October 23, 2008 $id = $_GET['id']; $id = stripslashes($id); Quote Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673096 Share on other sites More sharing options...
jaybeeb Posted October 23, 2008 Author Share Posted October 23, 2008 no, its still the same doesnt grab the id from the user table Quote Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673119 Share on other sites More sharing options...
DeanWhitehouse Posted October 23, 2008 Share Posted October 23, 2008 Echo out $id Echo $id; Quote Link to comment https://forums.phpfreaks.com/topic/129828-login-carrying-the-variable/#findComment-673121 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.