nitation Posted December 17, 2008 Share Posted December 17, 2008 Hi folks, I have just created a login system. I wanted to know how i can select a specific user's information from the database using sessions. This is how my login looks like <?php session_start(); ob_start(); error_reporting(E_ALL); ini_set('display_errors', 'on'); include_once 'includes/en.php'; include_once 'includes/config.php'; $errorMsg=""; if (isset($_POST['log'])) { $username=$_POST['username']; $passid=$_POST['passid']; $username = stripslashes($username); $passid = stripslashes($passid); $username = mysql_real_escape_string($username); $passid = mysql_real_escape_string($passid); $sql="SELECT * FROM $tbl_name WHERE adminuser='$username' and adminpass='".md5($_POST['passid'])."'"; $result=mysql_query($sql); $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ $_SESSION['username'] = $username; $_SESSION['passid'] = $passid; $sql="SELECT * FROM $tbl_name WHERE adminuser='$username' and adminpass='$passid'"; $lastlogin = $data['adminlastlogin']; $_SESSION['adminlastlogin'] = $adminlastlogin; $DB_Query = @mysql_query("UPDATE `$tbl_name` SET adminlastlogin=Now() WHERE adminuser='$username'") OR die('MySQL error: '.mysql_error()); header("location:index.php"); } else { $errorMsg=ERROR_USER; } } ob_end_flush(); ?> Quote Link to comment Share on other sites More sharing options...
mmarif4u Posted December 17, 2008 Share Posted December 17, 2008 use this in the next pages and include it in your query. $username = $_SESSION['username'] ; But better to store user id in session. Quote Link to comment Share on other sites More sharing options...
nitation Posted December 17, 2008 Author Share Posted December 17, 2008 What if i create my session in a page and include it on every page that it would be needed. For instance. <?php session_start(); $nsit_name=session_name(); $nsit_sid=session_id(); $nsit_adminid=$_SESSION['adminid']; $nsit_username=$_SESSION['adminuser']; ?> Quote Link to comment Share on other sites More sharing options...
mmarif4u Posted December 17, 2008 Share Posted December 17, 2008 Yes, you can do it like that, then you can use $nsit_adminid any where. But in the login page you have to store it 1st in the session. Quote Link to comment Share on other sites More sharing options...
nitation Posted December 17, 2008 Author Share Posted December 17, 2008 When you say "store it 1st in the session" you mean <?php session_start(); ob_start(); error_reporting(E_ALL); ini_set('display_errors', 'on'); include_once 'includes/en.php'; include_once 'includes/config.php'; $errorMsg=""; if (isset($_POST['log'])) { $username=$_POST['username']; $passid=$_POST['passid']; $username = stripslashes($username); $passid = stripslashes($passid); $username = mysql_real_escape_string($username); $passid = mysql_real_escape_string($passid); $sql="SELECT * FROM $tbl_name WHERE adminuser='$username' and adminpass='".md5($_POST['passid'])."'"; $result=mysql_query($sql); $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ $_SESSION['nsit_adminid'] = $nsit_adminid; $_SESSION['username'] = $username; $_SESSION['passid'] = $passid; $sql="SELECT * FROM $tbl_name WHERE adminuser='$username' and adminpass='$passid'"; $lastlogin = $data['adminlastlogin']; $_SESSION['adminlastlogin'] = $adminlastlogin; $DB_Query = @mysql_query("UPDATE `$tbl_name` SET adminlastlogin=Now() WHERE adminuser='$username'") OR die('MySQL error: '.mysql_error()); header("location:index.php"); } else { $errorMsg=ERROR_USER; } } ob_end_flush(); ?> I included $nsit_adminid first in the session. if($count==1){ $_SESSION['nsit_adminid'] = $nsit_adminid; Quote Link to comment Share on other sites More sharing options...
nitation Posted December 17, 2008 Author Share Posted December 17, 2008 I wrote this now and it's not displaying the information for the logged in user. <?php if (isset($_SESSION['nsit_adminid'])) { $sqlusr=mysql_query("select * from $tbl_name where adminid='$nsit_adminid'"); if(!empty($sqlusr)) { $numusers=mysql_num_rows($sqlusr); if($numusers==1) { $usrrow=mysql_fetch_array($sqlusr); $lastname=$usrrow["lastname"]; $init=$usrrow["initials"]; } } } ?> Quote Link to comment Share on other sites More sharing options...
nitation Posted December 17, 2008 Author Share Posted December 17, 2008 Anyone to advice on what to do??? Quote Link to comment Share on other sites More sharing options...
premiso Posted December 17, 2008 Share Posted December 17, 2008 <?php if (isset($_SESSION['nsit_adminid'])) { $sqlusr=mysql_query("select * from $tbl_name where adminid='" . $_SESSION['nsit_adminid'] . "'"); if(!empty($sqlusr)) { $numusers=mysql_num_rows($sqlusr); if($numusers==1) { $usrrow=mysql_fetch_array($sqlusr); $lastname=$usrrow["lastname"]; $init=$usrrow["initials"]; } } } ?> You never set $nsit_adminid, since you did not, you should access it via the session array as shown above. Quote Link to comment Share on other sites More sharing options...
nitation Posted December 17, 2008 Author Share Posted December 17, 2008 I tried the code you modified, but nothing displayed using the below <?php echo $_SESSION['nsit_admini']; ?> AND this <?php echo $lastname; ?> This is the notice error i got Notice: Undefined variable: lastlogin in C:\Program Files\xampp\htdocs\myfiles\nsit\neosharp\admin\index2.php My error_reporting is turned on Quote Link to comment Share on other sites More sharing options...
premiso Posted December 17, 2008 Share Posted December 17, 2008 <?php session_start(); if (isset($_SESSION['nsit_adminid'])) { $sqlusr=mysql_query("select * from $tbl_name where adminid='" . $_SESSION['nsit_adminid'] . "'"); if(!empty($sqlusr)) { $numusers=mysql_num_rows($sqlusr); if($numusers==1) { $usrrow=mysql_fetch_array($sqlusr); $lastname=$usrrow["lastname"]; $init=$usrrow["initials"]; } } } ?> You need to session_start at the top of each page you use sessions. I also do not see the "lastlogin" part in the code... Quote Link to comment Share on other sites More sharing options...
nitation Posted December 17, 2008 Author Share Posted December 17, 2008 I changed the $lastname to $lastlogin as i have both fields in my database. Have a look at my code <?php session_start(); error_reporting(E_ALL); ini_set('display_errors', 'on'); require_once 'includes/en.php'; require_once 'includes/config.php'; if (!isset($_SESSION['username'])) { header ("Location: login.php"); exit(); } require_once 'templates/header_html.php'; ?> <!-- header_eof //--> <div id="colone"> <div class="reportBox"> <div class="header">Administrator: <?php echo $_SESSION['username']; ?> </div> <div class="row"><span class="rigth"> </span></div> <?php if (isset($_SESSION['nsit_adminid'])) { $sqlusr=mysql_query("select * from $tbl_name where adminid='" . $_SESSION['nsit_adminid'] . "'"); if(!empty($sqlusr)) { $numusers=mysql_num_rows($sqlusr); if($numusers==1) { $usrrow=mysql_fetch_array($sqlusr); $adminip=$usrrow["adminloginip"]; $lastlogin=$usrrow["adminlastlogin"]; } } } ?> <div class="row"><span class="left">Last login date:</span><span class="rigth"><?php echo $lastlogin; ?></span></div> <div class="row"></div> <div class="row"></div> <div class="row"></div> </div> <div class="reportBox"> <div class="header">New Agents: </div> <div class="row"> </div> </div> </div> <div id="coltwo"> <div class="reportBox"> <div class="header">New Users: </div> </div> <div class="reportBox"> <div class="header">Counter History </div> </div> </div> <div id="colthree"> <div class="reportBox"> <div class="header">New Clients: </div> </div> </div> <?php require_once 'templates/footer.php'; ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.