Jump to content

Recommended Posts

Hi guys,

I need your help. I cannot find the code for the following. If a user logs into a secure site I want him to greet (because his name is already stored) what is the php code for retrieving and displaying a certain row from a mysql database of the user who is logged in?

Thanks so much!

Link to comment
https://forums.phpfreaks.com/topic/153174-solved-user-data/
Share on other sites

Hi Maq thanks so much so far. Being a newbie and trying everyting out, what would be the code for the query and storing it into the session variable?

 

You mentioned earlier that you stored their information in the DB when they registered.

 

So, wherever you authenticate their username and password when they log in, grab their real name from the DB and store it in a session.

Link to comment
https://forums.phpfreaks.com/topic/153174-solved-user-data/#findComment-804715
Share on other sites

Yeah Mac, thanks. So far I am with you. I just do not know and cannot find the php code to do that (grabbing it from the database and storing it in a session)

 

That may be a problem, cause you need the processing script where it checks to see if their username and password match. 

 

Are you using some sort of template or third party script?  They may have the username in the session already.  If they do you have do something like this to see what session variables are set.

 

session_start();
print_r($_SESSION);

 

Link to comment
https://forums.phpfreaks.com/topic/153174-solved-user-data/#findComment-804740
Share on other sites

this is my login script, where the name should be fetched!

 

<?php require_once('Connections/Login.php'); ?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}<?php $_SESSION[name_usr]; ?>

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "intro.php";
  $MM_redirectLoginFailed = "login.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_Login, $Login);
  
  $LoginRS__query=sprintf("SELECT username, password FROM users WHERE username='%s' AND password='%s'",
    get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); 
   
  $LoginRS = mysql_query($LoginRS__query, $Login) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
<style type="text/css">
<!--
.style1 {font-family: Verdana, Arial, Helvetica, sans-serif}
.style3 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 11px;
font-weight: bold;
color: #000033;
}
#Layer1 {
position:absolute;
left:179px;
top:68px;
width:473px;
height:119px;
z-index:1;
}
-->
</style>
</head>
<body>[/
<div id="Layer1">
  <form action="<?php echo $loginFormAction; ?>" method="POST" name="form1" id="form1">
    <table width="400" border="0" cellpadding="3" cellspacing="0" bgcolor="#FFFFFF">
      <tr>
        <td width="100" class="style3">Username:</td>
        <td><div align="left">
            <input name="username" type="text" class="style3" id="username" />
        </div></td>
      </tr>
      <tr>
        <td width="100"><span class="style3">Password:</span></td>
        <td><div align="left">
            <input name="password" type="password" class="style3" id="password" />
        </div></td>
      </tr>
      <tr>
        <td width="100"> </td>
        <td><div align="left">
            <input name="Submit" type="submit" class="style3" value="Submit" />
        </div></td>
      </tr>
    </table>
  </form>
</div>
<div align="center"></div>
</body>
</html>

 

and this is my script for the secure site where the name should be displayed:

 

<?php
//initialize the session
if (!isset($_SESSION)) {
  session_start();
}

// ** Logout the current user. **
$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";
if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){
  $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){
  //to fully log out a visitor we need to clear the session varialbles
  $_SESSION['MM_Username'] = NULL;
  $_SESSION['MM_UserGroup'] = NULL;
  $_SESSION['PrevUrl'] = NULL;
  unset($_SESSION['MM_Username']);
  unset($_SESSION['MM_UserGroup']);
  unset($_SESSION['PrevUrl']);

  $logoutGoTo = "http://www.guntmarwolff.com";
  if ($logoutGoTo) {
    header("Location: $logoutGoTo");
    exit;
  }
}
?>
<?php
if (!isset($_SESSION)) {
  session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 
  // For security, start by assuming the visitor is NOT authorized. 
  $isValid = False; 

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 
  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 
  if (!empty($UserName)) { 
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 
    // Parse the strings into arrays. 
    $arrUsers = Explode(",", $strUsers); 
    $arrGroups = Explode(",", $strGroups); 
    if (in_array($UserName, $arrUsers)) { 
      $isValid = true; 
    } 
    // Or, you may restrict access to only certain users based on their username. 
    if (in_array($UserGroup, $arrGroups)) { 
      $isValid = true; 
    } 
    if (($strUsers == "") && true) { 
      $isValid = true; 
    } 
  } 
  return $isValid; 
}

$MM_restrictGoTo = "index.html";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   
  $MM_qsChar = "?";
  $MM_referrer = $_SERVER['PHP_SELF'];
  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) 
  $MM_referrer .= "?" . $QUERY_STRING;
  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  header("Location: ". $MM_restrictGoTo); 
  exit;
}
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>
<p>test</p>
<p> </p>
<p> <a href="<?php echo $logoutAction ?>">Log out</a></p>
</body>
</html>

Link to comment
https://forums.phpfreaks.com/topic/153174-solved-user-data/#findComment-804749
Share on other sites

Change this line to add whatever the column for their real name is:

 

$LoginRS__query=sprintf("SELECT realname, username, password FROM users

 

And add a session variable to carry the real name.

 

    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;
    $_SESSION['MM_RealName'] = $LoginRS['realname'];

 

On the page you would like to display the real name you can just use:

 

   echo "Welcome " .  $_SESSION['MM_RealName'];

 

As long as you have session_start(); at the top of your page.

Link to comment
https://forums.phpfreaks.com/topic/153174-solved-user-data/#findComment-804756
Share on other sites

Hi Maq,

 

I put in the code you gave but it still does not work. The browser just shows "Welcome but nothing after that... Here is the code of the loginpage:

 

<?php require_once('Connections/Login.php'); ?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
 session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
 $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['username'])) {
 $loginUsername=$_POST['username'];
 $password=$_POST['password'];
 $MM_fldUserAuthorization = "";
 $MM_redirectLoginSuccess = "intro.php";
 $MM_redirectLoginFailed = "login.php";
 $MM_redirecttoReferrer = false;
 mysql_select_db($database_Login, $Login);

 $LoginRS__query=sprintf("SELECT name, username, password FROM users WHERE username='%s' AND password='%s'",
   get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); 

 $LoginRS = mysql_query($LoginRS__query, $Login) or die(mysql_error());
 $loginFoundUser = mysql_num_rows($LoginRS);
 if ($loginFoundUser) {
    $loginStrGroup = "";

   //declare two session variables and assign them
   $_SESSION['MM_Username'] = $loginUsername;
   $_SESSION['MM_UserGroup'] = $loginStrGroup;	
$_SESSION['MM_name'] = $LoginRS['name'];     

   if (isset($_SESSION['PrevUrl']) && false) {
     $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
   }
   header("Location: " . $MM_redirectLoginSuccess );
 }
 else {
   header("Location: ". $MM_redirectLoginFailed );
 }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
<style type="text/css">
<!--
.style1 {font-family: Verdana, Arial, Helvetica, sans-serif}
.style3 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 11px;
font-weight: bold;
color: #000033;
}
#Layer1 {
position:absolute;
left:179px;
top:68px;
width:473px;
height:119px;
z-index:1;
}
-->
</style>
</head>
<body>
<div id="Layer1">
 <form action="<?php echo $loginFormAction; ?>" method="POST" name="form1" id="form1">
   <table width="400" border="0" cellpadding="3" cellspacing="0" bgcolor="#FFFFFF">
     <tr>
       <td width="100" class="style3">Username:</td>
       <td><div align="left">
           <input name="username" type="text" class="style3" id="username" />
       </div></td>
     </tr>
     <tr>
       <td width="100"><span class="style3">Password:</span></td>
       <td><div align="left">
           <input name="password" type="password" class="style3" id="password" />
       </div></td>
     </tr>
     <tr>
       <td width="100"> </td>
       <td><div align="left">
           <input name="Submit" type="submit" class="style3" value="Submit" />
       </div></td>
     </tr>
   </table>
 </form>
</div>
<div align="center"></div>
</body>
</html>

 

and this the code of the welcome page where the real name is supposed to be displayed

 

<?php
//initialize the session
if (!isset($_SESSION)) {
 session_start();
}

// ** Logout the current user. **
$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";
if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){
 $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){
 //to fully log out a visitor we need to clear the session varialbles
 $_SESSION['MM_Username'] = NULL;
 $_SESSION['MM_UserGroup'] = NULL;
 $_SESSION['PrevUrl'] = NULL;
 unset($_SESSION['MM_Username']);
 unset($_SESSION['MM_UserGroup']);
 unset($_SESSION['PrevUrl']);

 $logoutGoTo = "http://www.guntmarwolff.com";
 if ($logoutGoTo) {
   header("Location: $logoutGoTo");
   exit;
 }
}
?>
<?php
if (!isset($_SESSION)) {
 session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 
 // For security, start by assuming the visitor is NOT authorized. 
 $isValid = False; 

 // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 
 // Therefore, we know that a user is NOT logged in if that Session variable is blank. 
 if (!empty($UserName)) { 
   // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 
   // Parse the strings into arrays. 
   $arrUsers = Explode(",", $strUsers); 
   $arrGroups = Explode(",", $strGroups); 
   if (in_array($UserName, $arrUsers)) { 
     $isValid = true; 
   } 
   // Or, you may restrict access to only certain users based on their username. 
   if (in_array($UserGroup, $arrGroups)) { 
     $isValid = true; 
   } 
   if (($strUsers == "") && true) { 
     $isValid = true; 
   } 
 } 
 return $isValid; 
}

$MM_restrictGoTo = "index.html";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   
 $MM_qsChar = "?";
 $MM_referrer = $_SERVER['PHP_SELF'];
 if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
 if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) 
 $MM_referrer .= "?" . $QUERY_STRING;
 $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
 header("Location: ". $MM_restrictGoTo); 
 exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>
<p>test</p>
<?php
echo "Welcome " .  $_SESSION['MM_name'];?>
<p> <a href="<?php echo $logoutAction ?>">Log out</a></p>
</body>
</html>

 

Link to comment
https://forums.phpfreaks.com/topic/153174-solved-user-data/#findComment-804944
Share on other sites

Yeah, you are right I changed it just to see if username works but nothing works. I sent you a message a couple of min ago with the login for the page so it would be great if you could have a look. I HAVE AT THE MOMENT NO CLUE!!!

It would be amazing if you would find out. I owe you something for your help.!!!

Link to comment
https://forums.phpfreaks.com/topic/153174-solved-user-data/#findComment-804966
Share on other sites

Hey Maq,

did you have any idea, what went wrong?

 

I see what's wrong.

 

The information is never actually extracted the information from the table.

 

Change this block of code, I commented what I changed/added:

 

$LoginRS = mysql_query($LoginRS__query, $Login) or die(mysql_error());
$row = mysql_fetch_array($result);          // ADDED
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
   $loginStrGroup = "";
   //declare two session variables and assign them
   $_SESSION['MM_Username'] = $loginUsername;
   $_SESSION['MM_UserGroup'] = $loginStrGroup;   
   $_SESSION['MM_name'] = $row['name'];   // CHANGED 

Link to comment
https://forums.phpfreaks.com/topic/153174-solved-user-data/#findComment-805491
Share on other sites

I changed the code as you wrote and code now the followinf after typing in username and password...

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/guntmar/public_html/login.php on line 26

 

Warning: Cannot modify header information - headers already sent by (output started at /home/guntmar/public_html/login.php:26) in /home/guntmar/public_html/login.php on line 40

 

<?php require_once('Connections/Login.php'); ?>

<?php

// *** Validate request to login to this site.

if (!isset($_SESSION)) {

session_start();

}

 

$loginFormAction = $_SERVER['PHP_SELF'];

if (isset($_GET['accesscheck'])) {

$_SESSION['PrevUrl'] = $_GET['accesscheck'];

}

 

if (isset($_POST['username'])) {

$loginUsername=$_POST['username'];

$password=$_POST['password'];

$MM_fldUserAuthorization = "";

$MM_redirectLoginSuccess = "intro.php";

$MM_redirectLoginFailed = "login.php";

$MM_redirecttoReferrer = false;

mysql_select_db($database_Login, $Login);

 

$LoginRS__query=sprintf("SELECT name, username, password FROM users WHERE username='%s' AND password='%s'",

get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));

 

$LoginRS = mysql_query($LoginRS__query, $Login) or die(mysql_error());

$row = mysql_fetch_array($result); // ADDED

$loginFoundUser = mysql_num_rows($LoginRS);

if ($loginFoundUser) {

  $loginStrGroup = "";

  //declare two session variables and assign them

  $_SESSION['MM_Username'] = $loginUsername;

  $_SESSION['MM_UserGroup'] = $loginStrGroup;  

  $_SESSION['MM_name'] = $row['name'];   // CHANGED

 

 

 

if (isset($_SESSION['PrevUrl']) && false) {

$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];

}

header("Location: " . $MM_redirectLoginSuccess );

}

else {

header("Location: ". $MM_redirectLoginFailed );

}

}

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Untitled Document</title>

<style type="text/css">

<!--

.style1 {font-family: Verdana, Arial, Helvetica, sans-serif}

.style3 {

font-family: Verdana, Arial, Helvetica, sans-serif;

font-size: 11px;

font-weight: bold;

color: #000033;

}

#Layer1 {

position:absolute;

left:179px;

top:68px;

width:473px;

height:119px;

z-index:1;

}

-->

</style>

</head>

<body>

<div id="Layer1">

<form action="<?php echo $loginFormAction; ?>" method="POST" name="form1" id="form1">

<table width="400" border="0" cellpadding="3" cellspacing="0" bgcolor="#FFFFFF">

<tr>

<td width="100" class="style3">Username:</td>

<td><div align="left">

<input name="username" type="text" class="style3" id="username" />

</div></td>

</tr>

<tr>

<td width="100"><span class="style3">Password:</span></td>

<td><div align="left">

<input name="password" type="password" class="style3" id="password" />

</div></td>

</tr>

<tr>

<td width="100"> </td>

<td><div align="left">

<input name="Submit" type="submit" class="style3" value="Submit" />

</div></td>

</tr>

</table>

</form>

</div>

<div align="center"></div>

</body>

</html>

 

 

Link to comment
https://forums.phpfreaks.com/topic/153174-solved-user-data/#findComment-805510
Share on other sites

Yeah, sorry, change this line to: (wasn't using the correct resource id)

 

$row = mysql_fetch_array($LoginRS);          // ADDED

 

That should fix:

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/guntmar/public_html/login.php on line 26

 

 

And as for this error:

 

Warning: Cannot modify header information - headers already sent by (output started at /home/guntmar/public_html/login.php:26) in /home/guntmar/public_html/login.php on line 40

 

Make sure you're not outputting anything  or have whitespace before the header() calls, it will throw this error.

Link to comment
https://forums.phpfreaks.com/topic/153174-solved-user-data/#findComment-805519
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.