Mysql user/sessions

lewisstevens1 · April 25, 2009

Hello i am using mysql sessions to bring back data recalled from a database, the thing is i had to use a premade login script and dont know how to get this working, i can get it working by like selecting id 1, though i wanted to have it so it selects the data by the person logged in, this is some of the code i have.

i am only posting the usefull parts though i will attach the files used here as an attachment, if theres any more you want just ask and i can send the whole entire script. I know some divs may not be closed but thats because i shortened it.

index.php

<?php 
session_start();

if (!isset($_SESSION['user']))
{
header("Location: login.php");
}
?> 

<?php
require_once 'connect.php';

$sql="SELECT * FROM $tbl_name ORDER BY id DESC";
// OREDER BY id DESC is order result by descending 
$result=mysql_query($sql);
?>

<?php
while($rows=mysql_fetch_array($result)){ // Start looping table row 
?>

<?php if (isset($_SESSION['user'])) { ?>
<p>Logged as <?php echo $_SESSION['user']; ?> | <a href="settings.php">Settings</a> 
| <a href="logout.php">Logout</a> </p>
<?php } ?> 


<center>

<div id="main_wrapper" style="border: 1px #123 solid;">
<div id="left_navigation_bar" style="border: 1px #000 solid;">
<p><br><br><br>
Name: <?php echo $_SESSION['full_name']; ?> [<?php $id ?>]<br>
Money: £<?php echo $full_name ?><br>
Level: <?php $userlevel ?><br>
Crystals: <?php $usercrystals ?><br>
Special item: <?php $specialitems ?><br>
<br><br>
<?php
// Exit looping and close connection 
}
mysql_close();
?>
[LOGOUT]
</p>

register.php

<?php 
session_start();


include ('dbc.php'); 


if ($_POST['Submit'] == 'Register')
{
   if (strlen($_POST['email']) < 5)
   {
    die ("Incorrect email. Please enter valid email address..");
    }
   if (strcmp($_POST['pass1'],$_POST['pass2']) || empty($_POST['pass1']) )
{ 
//die ("Password does not match");
die("ERROR: Password does not match or empty..");

}
if (strcmp(md5($_POST['user_code']),$_SESSION['ckey']))
{ 
		 die("Invalid code entered. Please enter the correct code as shown in the Image");
  		} 
$rs_duplicates = mysql_query("select id from users where user_email='$_POST[email]'");
$duplicates = mysql_num_rows($rs_duplicates);

if ($duplicates > 0)
{	
//die ("ERROR: User account already exists.");
header("Location: register.php?msg=ERROR: User account already exists..");
exit();
}




$md5pass = md5($_POST['pass2']);
$activ_code = rand(1000,9999);
$server = $_SERVER['HTTP_HOST'];
$host = ereg_replace('www.','',$server);
mysql_query("INSERT INTO users
              (`user_email`,`user_pwd`,`sex`,`joined`,`activation_code`,`full_name`)
			  VALUES
			  ('$_POST[email]','$md5pass','$_POST[sex]',now(),'$activ_code','$_POST[full_name]')") or die(mysql_error());

$message = 
"Thank you for registering an account with $server. Here are the login details...\n\n
User Email: $_POST[email] \n
Password: $_POST[pass2] \n
Activation Code: $activ_code \n
____________________________________________
*** ACTIVATION LINK ***** \n
Activation Link: http://$server/myown/activate.php?usr=$_POST[email]&code=$activ_code \n\n
_____________________________________________
Thank you. This is an automated response. PLEASE DO NOT REPLY.
";

mail($_POST['email'] , "Login Activation", $message,
    "From: \"Auto-Response\" <notifications@$host>\r\n" .
     "X-Mailer: PHP/" . phpversion());
unset($_SESSION['ckey']);
echo("Registration Successful! An activation code has been sent to your email address with an activation link...");	

exit;
}	

?> 
<link href="styles.css" rel="stylesheet" type="text/css">
<?php if (isset($_GET['msg'])) { echo "<div class=\"msg\"> $_GET[msg] </div>"; } ?>
<p> </p>
<table width="65%" border="0" cellpadding="0" cellspacing="0">
  <tr> 
    <td bgcolor="d5e8f9" class="mnuheader"><strong><font size="5">Register Account</font></strong></td>
  </tr>
  <tr> 
    <td bgcolor="e5ecf9" class="forumposts"><form name="form1" method="post" action="register.php" style="padding:5px;">
        <p><br>
          Name: 
          <input name="full_name" type="text" id="full_name">
          Ex. Bob Jo Wilson</p>
        <p>Email: 
          <input name="email" type="text" id="email">
          Ex. [email protected]</p>
        <p>Password: 
          <input name="pass1" type="password" id="pass1">
          Atleast 5 chars</p>
        <p>Retype Password: 
          <input name="pass2" type="password" id="pass2">
        </p>
        <p>Sex: 
          <select name="sex" id="select8">
            <option value="Male">Male</option>
            <option value="Female">Female</option>
		<option value="PreferNotToSay">Prefer Not To Say</option>
          </select>
        </p>
        <p> 
          <input name="user_code" type="text" size="10">
          <img src="pngimg.php" align="middle">  </p>
        <p align="center"> 
          <input type="submit" name="Submit" value="Register">
        </p>
      </form></td>
  </tr>
</table>
<div align="left"></div>
</body>
</html>

login.php

<?php 
include 'dbc.php';

$user_email = mysql_real_escape_string($_POST['email']);

if ($_POST['Submit']=='Login')
{
$md5pass = md5($_POST['pwd']);
$sql = "SELECT id,user_email FROM users WHERE 
            user_email = '$user_email' AND 
            user_pwd = '$md5pass' AND user_activated='1'"; 

$result = mysql_query($sql) or die (mysql_error()); 
$num = mysql_num_rows($result);

    if ( $num != 0 ) { 

        // A matching row was found - the user is authenticated. 
       session_start(); 
   list($user_id,$user_email) = mysql_fetch_row($result);
	// this sets variables in the session 
	$_SESSION['user']= $user_email;  


	if (isset($_GET['ret']) && !empty($_GET['ret']))
	{
	header("Location: $_GET[ret]");
	} else
	{
	header("Location: index.php");
	}
	//echo "Logged in...";
	exit();
    } 

header("Location: login.php?msg=Invalid Login");
//echo "Error:";
exit();		
}

?>

<link href="styles.css" rel="stylesheet" type="text/css">

<?php if (isset($_GET['msg'])) { echo "<div class=\"msg\"> $_GET[msg] </div>"; } ?>


<p> </p><table width="40%" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td bgcolor="#000066" class="mnuheader" >
<div align="center"><font size="5"><strong>Login 
        Members</strong></font></div></td>
  </tr>
  <tr>
    <td bgcolor="#000099" class="mnubody"><form name="form1" method="post" action="">
        <p> </p>
        <p align="center">Your Email 
          <input name="email" type="text" id="email">
        </p>
        <p align="center"> Password: 
          <input name="pwd" type="password" id="pwd">
        </p>
        <p align="center"> 
          <input type="submit" name="Submit" value="Login">
        </p>
        <p align="center"><a href="register.php">Register</a> | <a href="forgot.php">Forgot</a></p>
      </form></td>
  </tr>
</table>

[attachment deleted by admin]

fenway · April 27, 2009

Well, you'll need to pull back some from the session (cookie, session_id, whatever).

lewisstevens1 · April 27, 2009

:S still dont really understand... how will i get it so it echos the users level from the database of that user.

fenway · April 28, 2009

You have to figure out who is logged in somehow -- I assume you're storing that somehwere.

Sign In

Mysql user/sessions

Recommended Posts

lewisstevens1

Link to comment

Share on other sites

fenway

Link to comment

Share on other sites

lewisstevens1

Link to comment

Share on other sites

fenway

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information