LOG IN with Specific ID

[artosousa]

Okay well i have created a registreation form for a client, and now i want the user to be able to login with the user name and password they chose. but i want the long in to be specific to their id so they can view their info once they login on a little profile page. i can't seem to get it work. when i was running on the local server on my computer is was fine but once i uploaded the files i can't get it to work. Here is the link to the login page code,

http://pastie.org/343572

if any one could help me witht his problem it would be greatly apreciated.

 

[ngreenwood6]

First off you can post your own code in the forum by using the code tags which is the # symbol when you are making a post. Second, what is it not doing that it should and do you get any errors.

[artosousa]

i am not getting and errors, it just keeps just calling in the first record in the database, instead of calling the id which is related to the login used to log in...

does that make sense?

<?php require_once('Connections/eib.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_eib, $eib);
$query_Recordset1 = "SELECT * FROM tbl_users";
$Recordset1 = mysql_query($query_Recordset1, $eib) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?><?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['user'])) {
  $loginUsername=$_POST['user'];
  $password=$_POST['passcode'];
  $MM_fldUserAuthorization = "users_level";
  $MM_redirectLoginSuccess = "http://207.45.186.74/~arto/www/EIB/profile.php?users_id=".$row_Recordset1['users_id']."";
  $MM_redirectLoginFailed = "error.html";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_eib, $eib);
  	
  $LoginRS__query=sprintf("SELECT users_login, users_password, users_level FROM tbl_users WHERE users_login=%s AND users_password=%s",
  GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 

  $LoginRS = mysql_query($LoginRS__query, $eib) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {

    $loginStrGroup  = mysql_result($LoginRS,0,'users_level');

    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Untitled Document</title>
<link href="untitled.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="title"></div><br />
<div id="nav"></div><br />
<div class="content" id="content"> <form ACTION="<?php echo $loginFormAction; ?>" id="form1" name="form1" method="POST">
    <table width="417" border="1">
      <tr>
        <td align="right" valign="top">User Name:</td>
        <td><label>
          <input type="text" name="user" id="user" />
        </label></td>
      </tr>
      <tr>
        <td align="right">Password:</td>
        <td><label>
          <input type="password" name="passcode" id="passcode" />
        </label></td>
      </tr>
      <tr>
        <td align="right"> </td>
        <td><label>
          <input type="submit" name="button" id="button" value="Submit" />
        </label></td>
      </tr>
    </table>

</form></div>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

 

 

[ngreenwood6]

I am not sure how the user id is passed to this page but you need to modify your query so that it only selects from that users id like this:

 

$query_Recordset1 = "SELECT * FROM tbl_users WHERE users_id='put the id here'";

 

Another thing that you might want to do is clean up the code a little bit. You do not need to start(<?php) and stop(?>) php while you are still coding php. You only need to stop it when you go to html or another language. For example:

 

//this is wrong
<?php
echo "we are in php";
?>
<?php
echo "still in php";
?>
<html>
hello
</html>

//this is correct
<?php
echo "we are in php";
echo "still in php";
?>
<html>
</html>

 

hopefully that helps.

[artosousa]

do i put a specific id there?

[ngreenwood6]

yeah you would have to put the users id there. If you are using sessions you can put the users id into the session when they login and then echo it from the session here.