Jump to content

Using Session in mysql query

nitation

By nitation
in PHP Coding Help

 Share

Recommended Posts

nitation Member

nitation

Posted
Posted

Hi folks,

 

I have just created a login system. I wanted to know how i can select a specific user's information from the database using sessions.

 

This is how my login looks like

<?php
session_start();
ob_start();

error_reporting(E_ALL);
ini_set('display_errors', 'on');

include_once 'includes/en.php';
include_once 'includes/config.php'; 

$errorMsg="";

if (isset($_POST['log'])) {
$username=$_POST['username']; 
$passid=$_POST['passid'];

$username = stripslashes($username);
$passid = stripslashes($passid);
$username = mysql_real_escape_string($username);
$passid = mysql_real_escape_string($passid);

$sql="SELECT * FROM $tbl_name WHERE adminuser='$username' and adminpass='".md5($_POST['passid'])."'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
$_SESSION['username'] = $username;
$_SESSION['passid'] = $passid;

$sql="SELECT * FROM $tbl_name WHERE adminuser='$username' and adminpass='$passid'";
$lastlogin = $data['adminlastlogin']; 
$_SESSION['adminlastlogin'] = $adminlastlogin;
$DB_Query = @mysql_query("UPDATE `$tbl_name` SET adminlastlogin=Now() WHERE adminuser='$username'") OR die('MySQL error: '.mysql_error());

header("location:index.php");
}
else {
$errorMsg=ERROR_USER;
}
}
ob_end_flush();

?>

 

Link to comment
https://forums.phpfreaks.com/topic/137331-using-session-in-mysql-query/
Share on other sites
nitation Member

nitation

Posted
  • Author
Posted

What if i create my session in a page and include it on every page that it would be needed.

 

For instance.

<?php
session_start();
$nsit_name=session_name();
$nsit_sid=session_id();
$nsit_adminid=$_SESSION['adminid'];
$nsit_username=$_SESSION['adminuser'];
?>

 

 

nitation Member

nitation

Posted
  • Author
Posted

When you say "store it 1st in the session" you mean

<?php
session_start();
ob_start();

error_reporting(E_ALL);
ini_set('display_errors', 'on');

include_once 'includes/en.php';
include_once 'includes/config.php'; 

$errorMsg="";

if (isset($_POST['log'])) {
$username=$_POST['username']; 
$passid=$_POST['passid'];

$username = stripslashes($username);
$passid = stripslashes($passid);
$username = mysql_real_escape_string($username);
$passid = mysql_real_escape_string($passid);

$sql="SELECT * FROM $tbl_name WHERE adminuser='$username' and adminpass='".md5($_POST['passid'])."'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
$_SESSION['nsit_adminid'] = $nsit_adminid;
$_SESSION['username'] = $username;
$_SESSION['passid'] = $passid;

$sql="SELECT * FROM $tbl_name WHERE adminuser='$username' and adminpass='$passid'";
$lastlogin = $data['adminlastlogin']; 
$_SESSION['adminlastlogin'] = $adminlastlogin;
$DB_Query = @mysql_query("UPDATE `$tbl_name` SET adminlastlogin=Now() WHERE adminuser='$username'") OR die('MySQL error: '.mysql_error());

header("location:index.php");
}
else {
$errorMsg=ERROR_USER;
}
}
ob_end_flush();

?>

 

I included $nsit_adminid first in the session.

if($count==1){
$_SESSION['nsit_adminid'] = $nsit_adminid;

 

nitation Member

nitation

Posted
  • Author
Posted

I wrote this now and it's not displaying the information for the logged in user.


<?php
if (isset($_SESSION['nsit_adminid']))
{ 
    $sqlusr=mysql_query("select * from $tbl_name where adminid='$nsit_adminid'");
     if(!empty($sqlusr))
  {
       $numusers=mysql_num_rows($sqlusr);
         if($numusers==1)
	  {
            $usrrow=mysql_fetch_array($sqlusr);
            $lastname=$usrrow["lastname"];
            $init=$usrrow["initials"];



        }
	 }
}
?>

 

 

premiso Regular Member

premiso

Posted
Posted 

<?php
if (isset($_SESSION['nsit_adminid']))
{ 
    $sqlusr=mysql_query("select * from $tbl_name where adminid='" . $_SESSION['nsit_adminid'] . "'");
     if(!empty($sqlusr))
     {
       $numusers=mysql_num_rows($sqlusr);
         if($numusers==1)
        {
            $usrrow=mysql_fetch_array($sqlusr);
            $lastname=$usrrow["lastname"];
            $init=$usrrow["initials"];



           }
       }
}
?>

 

You never set $nsit_adminid, since you did not, you should access it via the session array as shown above.

nitation Member

nitation

Posted
  • Author
Posted

I tried the code you modified, but nothing displayed using the below

<?php echo $_SESSION['nsit_admini']; ?> 
AND this
<?php echo $lastname; ?>

 

This is the notice error i got

Notice: Undefined variable: lastlogin in C:\Program Files\xampp\htdocs\myfiles\nsit\neosharp\admin\index2.php

My error_reporting is turned on

premiso Regular Member

premiso

Posted
Posted 

<?php
session_start();
if (isset($_SESSION['nsit_adminid']))
{ 
    $sqlusr=mysql_query("select * from $tbl_name where adminid='" . $_SESSION['nsit_adminid'] . "'");
     if(!empty($sqlusr))
     {
       $numusers=mysql_num_rows($sqlusr);
         if($numusers==1)
        {
            $usrrow=mysql_fetch_array($sqlusr);
            $lastname=$usrrow["lastname"];
            $init=$usrrow["initials"];



           }
       }
}
?>

 

You need to session_start at the top of each page you use sessions. I also do not see the "lastlogin" part in the code...

nitation Member

nitation

Posted
  • Author
Posted

I changed the $lastname to $lastlogin as i have both fields in my database.

 

Have a look at my code

<?php
session_start();
error_reporting(E_ALL);
ini_set('display_errors', 'on');

require_once 'includes/en.php';
require_once 'includes/config.php'; 

if (!isset($_SESSION['username']))
  {
   header ("Location: login.php");
   exit();
   } 
require_once 'templates/header_html.php';
?>
<!-- header_eof //-->
<div id="colone">
<div class="reportBox">
<div class="header">Administrator: <?php echo $_SESSION['username']; ?> </div>
    <div class="row"><span class="rigth"> </span></div>
<?php
if (isset($_SESSION['nsit_adminid']))
{ 
    $sqlusr=mysql_query("select * from $tbl_name where adminid='" . $_SESSION['nsit_adminid'] . "'");
     if(!empty($sqlusr))
     {
       $numusers=mysql_num_rows($sqlusr);
         if($numusers==1)
        {
            $usrrow=mysql_fetch_array($sqlusr);
            $adminip=$usrrow["adminloginip"];
            $lastlogin=$usrrow["adminlastlogin"];



           }
       }
}
?>

    <div class="row"><span class="left">Last login date:</span><span class="rigth"><?php echo $lastlogin; ?></span></div>
    <div class="row"></div>
    <div class="row"></div>
    <div class="row"></div>
  </div>
<div class="reportBox">
   <div class="header">New Agents: </div>
  <div class="row">  </div>  </div>
</div>
<div id="coltwo">
<div class="reportBox">
<div class="header">New Users: </div>
                
</div>

<div class="reportBox">
   <div class="header">Counter History </div>
                
</div>
</div>
<div id="colthree">
<div class="reportBox">
<div class="header">New Clients: </div>
                
</div>
</div>
<?php require_once 'templates/footer.php'; ?>

 

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.