gwolff2005 Posted April 8, 2009 Share Posted April 8, 2009 Hi guys, I need your help. I cannot find the code for the following. If a user logs into a secure site I want him to greet (because his name is already stored) what is the php code for retrieving and displaying a certain row from a mysql database of the user who is logged in? Thanks so much! Quote Link to comment Share on other sites More sharing options...
Maq Posted April 8, 2009 Share Posted April 8, 2009 Are you storing the user name/id in a session? (which would be a good idea if you're not) If so, you can just grab it from there and not even query the database. Quote Link to comment Share on other sites More sharing options...
gwolff2005 Posted April 8, 2009 Author Share Posted April 8, 2009 Thanks. No I dont do that. because my login just requires username and password, but I want to greet him with his real name, which was stored the first time when he registered. What do I have to do? Quote Link to comment Share on other sites More sharing options...
Maq Posted April 8, 2009 Share Posted April 8, 2009 When they log in, do a query that retrieves this information and store it into a SESSION variable. Then when you get to the home page you already have this information. Quote Link to comment Share on other sites More sharing options...
gwolff2005 Posted April 8, 2009 Author Share Posted April 8, 2009 Hi Maq thanks so much so far. Being a newbie and trying everyting out, what would be the code for the query and storing it into the session variable? Quote Link to comment Share on other sites More sharing options...
Axeia Posted April 8, 2009 Share Posted April 8, 2009 http://www.w3schools.com/php/php_mysql_select.asp http://www.w3schools.com/php/php_sessions.asp Quote Link to comment Share on other sites More sharing options...
Maq Posted April 8, 2009 Share Posted April 8, 2009 Hi Maq thanks so much so far. Being a newbie and trying everyting out, what would be the code for the query and storing it into the session variable? You mentioned earlier that you stored their information in the DB when they registered. So, wherever you authenticate their username and password when they log in, grab their real name from the DB and store it in a session. Quote Link to comment Share on other sites More sharing options...
gwolff2005 Posted April 8, 2009 Author Share Posted April 8, 2009 Yeah Mac, thanks. So far I am with you. I just do not know and cannot find the php code to do that (grabbing it from the database and storing it in a session) Quote Link to comment Share on other sites More sharing options...
Maq Posted April 8, 2009 Share Posted April 8, 2009 Yeah Mac, thanks. So far I am with you. I just do not know and cannot find the php code to do that (grabbing it from the database and storing it in a session) That may be a problem, cause you need the processing script where it checks to see if their username and password match. Are you using some sort of template or third party script? They may have the username in the session already. If they do you have do something like this to see what session variables are set. session_start(); print_r($_SESSION); Quote Link to comment Share on other sites More sharing options...
gwolff2005 Posted April 8, 2009 Author Share Posted April 8, 2009 this is my login script, where the name should be fetched! <?php require_once('Connections/Login.php'); ?> <?php // *** Validate request to login to this site. if (!isset($_SESSION)) { session_start(); }<?php $_SESSION[name_usr]; ?> $loginFormAction = $_SERVER['PHP_SELF']; if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck']; } if (isset($_POST['username'])) { $loginUsername=$_POST['username']; $password=$_POST['password']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "intro.php"; $MM_redirectLoginFailed = "login.php"; $MM_redirecttoReferrer = false; mysql_select_db($database_Login, $Login); $LoginRS__query=sprintf("SELECT username, password FROM users WHERE username='%s' AND password='%s'", get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); $LoginRS = mysql_query($LoginRS__query, $Login) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> <style type="text/css"> <!-- .style1 {font-family: Verdana, Arial, Helvetica, sans-serif} .style3 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: bold; color: #000033; } #Layer1 { position:absolute; left:179px; top:68px; width:473px; height:119px; z-index:1; } --> </style> </head> <body>[/ <div id="Layer1"> <form action="<?php echo $loginFormAction; ?>" method="POST" name="form1" id="form1"> <table width="400" border="0" cellpadding="3" cellspacing="0" bgcolor="#FFFFFF"> <tr> <td width="100" class="style3">Username:</td> <td><div align="left"> <input name="username" type="text" class="style3" id="username" /> </div></td> </tr> <tr> <td width="100"><span class="style3">Password:</span></td> <td><div align="left"> <input name="password" type="password" class="style3" id="password" /> </div></td> </tr> <tr> <td width="100"> </td> <td><div align="left"> <input name="Submit" type="submit" class="style3" value="Submit" /> </div></td> </tr> </table> </form> </div> <div align="center"></div> </body> </html> and this is my script for the secure site where the name should be displayed: <?php //initialize the session if (!isset($_SESSION)) { session_start(); } // ** Logout the current user. ** $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true"; if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){ $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){ //to fully log out a visitor we need to clear the session varialbles $_SESSION['MM_Username'] = NULL; $_SESSION['MM_UserGroup'] = NULL; $_SESSION['PrevUrl'] = NULL; unset($_SESSION['MM_Username']); unset($_SESSION['MM_UserGroup']); unset($_SESSION['PrevUrl']); $logoutGoTo = "http://www.guntmarwolff.com"; if ($logoutGoTo) { header("Location: $logoutGoTo"); exit; } } ?> <?php if (!isset($_SESSION)) { session_start(); } $MM_authorizedUsers = ""; $MM_donotCheckaccess = "true"; // *** Restrict Access To Page: Grant or deny access to this page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { // For security, start by assuming the visitor is NOT authorized. $isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. // Therefore, we know that a user is NOT logged in if that Session variable is blank. if (!empty($UserName)) { // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { $isValid = true; } // Or, you may restrict access to only certain users based on their username. if (in_array($UserGroup, $arrGroups)) { $isValid = true; } if (($strUsers == "") && true) { $isValid = true; } } return $isValid; } $MM_restrictGoTo = "index.html"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) $MM_referrer .= "?" . $QUERY_STRING; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> </head> <body> <p>test</p> <p> </p> <p> <a href="<?php echo $logoutAction ?>">Log out</a></p> </body> </html> Quote Link to comment Share on other sites More sharing options...
Maq Posted April 8, 2009 Share Posted April 8, 2009 Change this line to add whatever the column for their real name is: $LoginRS__query=sprintf("SELECT realname, username, password FROM users And add a session variable to carry the real name. //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; $_SESSION['MM_RealName'] = $LoginRS['realname']; On the page you would like to display the real name you can just use: echo "Welcome " . $_SESSION['MM_RealName']; As long as you have session_start(); at the top of your page. Quote Link to comment Share on other sites More sharing options...
gwolff2005 Posted April 8, 2009 Author Share Posted April 8, 2009 Hi Maq, I put in the code you gave but it still does not work. The browser just shows "Welcome but nothing after that... Here is the code of the loginpage: <?php require_once('Connections/Login.php'); ?> <?php // *** Validate request to login to this site. if (!isset($_SESSION)) { session_start(); } $loginFormAction = $_SERVER['PHP_SELF']; if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck']; } if (isset($_POST['username'])) { $loginUsername=$_POST['username']; $password=$_POST['password']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "intro.php"; $MM_redirectLoginFailed = "login.php"; $MM_redirecttoReferrer = false; mysql_select_db($database_Login, $Login); $LoginRS__query=sprintf("SELECT name, username, password FROM users WHERE username='%s' AND password='%s'", get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); $LoginRS = mysql_query($LoginRS__query, $Login) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; $_SESSION['MM_name'] = $LoginRS['name']; if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> <style type="text/css"> <!-- .style1 {font-family: Verdana, Arial, Helvetica, sans-serif} .style3 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: bold; color: #000033; } #Layer1 { position:absolute; left:179px; top:68px; width:473px; height:119px; z-index:1; } --> </style> </head> <body> <div id="Layer1"> <form action="<?php echo $loginFormAction; ?>" method="POST" name="form1" id="form1"> <table width="400" border="0" cellpadding="3" cellspacing="0" bgcolor="#FFFFFF"> <tr> <td width="100" class="style3">Username:</td> <td><div align="left"> <input name="username" type="text" class="style3" id="username" /> </div></td> </tr> <tr> <td width="100"><span class="style3">Password:</span></td> <td><div align="left"> <input name="password" type="password" class="style3" id="password" /> </div></td> </tr> <tr> <td width="100"> </td> <td><div align="left"> <input name="Submit" type="submit" class="style3" value="Submit" /> </div></td> </tr> </table> </form> </div> <div align="center"></div> </body> </html> and this the code of the welcome page where the real name is supposed to be displayed <?php //initialize the session if (!isset($_SESSION)) { session_start(); } // ** Logout the current user. ** $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true"; if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){ $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){ //to fully log out a visitor we need to clear the session varialbles $_SESSION['MM_Username'] = NULL; $_SESSION['MM_UserGroup'] = NULL; $_SESSION['PrevUrl'] = NULL; unset($_SESSION['MM_Username']); unset($_SESSION['MM_UserGroup']); unset($_SESSION['PrevUrl']); $logoutGoTo = "http://www.guntmarwolff.com"; if ($logoutGoTo) { header("Location: $logoutGoTo"); exit; } } ?> <?php if (!isset($_SESSION)) { session_start(); } $MM_authorizedUsers = ""; $MM_donotCheckaccess = "true"; // *** Restrict Access To Page: Grant or deny access to this page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { // For security, start by assuming the visitor is NOT authorized. $isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. // Therefore, we know that a user is NOT logged in if that Session variable is blank. if (!empty($UserName)) { // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { $isValid = true; } // Or, you may restrict access to only certain users based on their username. if (in_array($UserGroup, $arrGroups)) { $isValid = true; } if (($strUsers == "") && true) { $isValid = true; } } return $isValid; } $MM_restrictGoTo = "index.html"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) $MM_referrer .= "?" . $QUERY_STRING; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> </head> <body> <p>test</p> <?php echo "Welcome " . $_SESSION['MM_name'];?> <p> <a href="<?php echo $logoutAction ?>">Log out</a></p> </body> </html> Quote Link to comment Share on other sites More sharing options...
Maq Posted April 8, 2009 Share Posted April 8, 2009 It should be: $_SESSION['MM_name'] NOT $_SESSION['MM_username'] But MM_username should still shown up after "Welcome", hmmm..... Quote Link to comment Share on other sites More sharing options...
gwolff2005 Posted April 8, 2009 Author Share Posted April 8, 2009 Yeah, you are right I changed it just to see if username works but nothing works. I sent you a message a couple of min ago with the login for the page so it would be great if you could have a look. I HAVE AT THE MOMENT NO CLUE!!! It would be amazing if you would find out. I owe you something for your help.!!! Quote Link to comment Share on other sites More sharing options...
Maq Posted April 8, 2009 Share Posted April 8, 2009 It would be amazing if you would find out. I owe you something for your help.!!! If anything support PHPFreaks by donating. I'm leaving work now, but I'll look at it when I get home. Quote Link to comment Share on other sites More sharing options...
gwolff2005 Posted April 9, 2009 Author Share Posted April 9, 2009 Hey Maq, did you have any idea, what went wrong? Quote Link to comment Share on other sites More sharing options...
gwolff2005 Posted April 9, 2009 Author Share Posted April 9, 2009 Hi Maq, I printet now out what is stored in the session and it tells me Hello Array ( [MM_Username] => admin [MM_UserGroup] => [MM_name] => ) It seems he catches the username but does not get the name from the database Grrrrrrrrrrrrrr...... what to do??? Quote Link to comment Share on other sites More sharing options...
Maq Posted April 9, 2009 Share Posted April 9, 2009 Hey Maq, did you have any idea, what went wrong? I see what's wrong. The information is never actually extracted the information from the table. Change this block of code, I commented what I changed/added: $LoginRS = mysql_query($LoginRS__query, $Login) or die(mysql_error()); $row = mysql_fetch_array($result); // ADDED $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; $_SESSION['MM_name'] = $row['name']; // CHANGED Quote Link to comment Share on other sites More sharing options...
gwolff2005 Posted April 9, 2009 Author Share Posted April 9, 2009 I changed the code as you wrote and code now the followinf after typing in username and password... Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/guntmar/public_html/login.php on line 26 Warning: Cannot modify header information - headers already sent by (output started at /home/guntmar/public_html/login.php:26) in /home/guntmar/public_html/login.php on line 40 <?php require_once('Connections/Login.php'); ?> <?php // *** Validate request to login to this site. if (!isset($_SESSION)) { session_start(); } $loginFormAction = $_SERVER['PHP_SELF']; if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck']; } if (isset($_POST['username'])) { $loginUsername=$_POST['username']; $password=$_POST['password']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "intro.php"; $MM_redirectLoginFailed = "login.php"; $MM_redirecttoReferrer = false; mysql_select_db($database_Login, $Login); $LoginRS__query=sprintf("SELECT name, username, password FROM users WHERE username='%s' AND password='%s'", get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); $LoginRS = mysql_query($LoginRS__query, $Login) or die(mysql_error()); $row = mysql_fetch_array($result); // ADDED $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; $_SESSION['MM_name'] = $row['name']; // CHANGED if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> <style type="text/css"> <!-- .style1 {font-family: Verdana, Arial, Helvetica, sans-serif} .style3 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: bold; color: #000033; } #Layer1 { position:absolute; left:179px; top:68px; width:473px; height:119px; z-index:1; } --> </style> </head> <body> <div id="Layer1"> <form action="<?php echo $loginFormAction; ?>" method="POST" name="form1" id="form1"> <table width="400" border="0" cellpadding="3" cellspacing="0" bgcolor="#FFFFFF"> <tr> <td width="100" class="style3">Username:</td> <td><div align="left"> <input name="username" type="text" class="style3" id="username" /> </div></td> </tr> <tr> <td width="100"><span class="style3">Password:</span></td> <td><div align="left"> <input name="password" type="password" class="style3" id="password" /> </div></td> </tr> <tr> <td width="100"> </td> <td><div align="left"> <input name="Submit" type="submit" class="style3" value="Submit" /> </div></td> </tr> </table> </form> </div> <div align="center"></div> </body> </html> Quote Link to comment Share on other sites More sharing options...
Maq Posted April 9, 2009 Share Posted April 9, 2009 Yeah, sorry, change this line to: (wasn't using the correct resource id) $row = mysql_fetch_array($LoginRS); // ADDED That should fix: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/guntmar/public_html/login.php on line 26 And as for this error: Warning: Cannot modify header information - headers already sent by (output started at /home/guntmar/public_html/login.php:26) in /home/guntmar/public_html/login.php on line 40 Make sure you're not outputting anything or have whitespace before the header() calls, it will throw this error. Quote Link to comment Share on other sites More sharing options...
Maq Posted April 9, 2009 Share Posted April 9, 2009 If you need more information or clarification about the header errors have a read here: HEADER ERRORS Quote Link to comment Share on other sites More sharing options...
gwolff2005 Posted April 9, 2009 Author Share Posted April 9, 2009 YOU ARE A STAR!!!!!!!!!!!!!!!!!!!!!!!!! THANK YOU SO MUCH!!!!!!!!!!!!!!!!!!!! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.