flashguy82 Posted August 7, 2006 Share Posted August 7, 2006 Hey ppl, I'm very much new when it comes to PHP and know very very little code and i have got myself stuck!I am trying to get the UserID when a user logs in (aswell as username and password) so when he or she leaves a product review it will have his or hers UserID in the database in the reviews part, understand what i mean? So far i have only managed to get the ProductID, anyway heres my code... any help from any PHPfreaks would be appreciated aswell as ways to improve on the code as i know it is very ermm crap! Need anything else just ask. Cheers<?php// *** Validate request to login to this site.if (!isset($_SESSION)) { session_start();}$loginFormAction = $_SERVER['PHP_SELF'];if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck'];}if (isset($_POST['Username'])) { $loginUsername=$_POST['Username']; $password=$_POST['Password']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "postreview.php"; $MM_redirectLoginFailed = "loginfailed.php"; $MM_redirecttoReferrer = true; mysql_select_db($database_fitnessdatabase, $fitnessdatabase); $LoginRS__query=sprintf("SELECT Username, Password, UserID FROM users WHERE Username='%s' AND Password='%s'", get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); $LoginRS = mysql_query($LoginRS__query, $fitnessdatabase) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; $_SESSION['MM_UserID'] = sprintf.UserID; if (isset($_SESSION['PrevUrl']) && true) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); }}?> Quote Link to comment Share on other sites More sharing options...
flashguy82 Posted August 8, 2006 Author Share Posted August 8, 2006 Ahhh i have solved the problem and can now get the UserID, here is my current code. Still if anyone can see any security issues or anything else that they see wrong or just stupid (as i know its far from perfect) please feel free to comment.Cheers - <?php// *** Validate request to login to this site.if (!isset($_SESSION)) { session_start();}$loginFormAction = $_SERVER['PHP_SELF'];if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck'];}if (isset($_POST['Username'])) { $loginUsername=$_POST['Username']; $password=$_POST['Password']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "postreview.php"; $MM_redirectLoginFailed = "loginfailed.php"; $MM_redirecttoReferrer = true; mysql_select_db($database_fitnessdatabase, $fitnessdatabase); $LoginRS__query=sprintf("SELECT Username, Password, UserID FROM users WHERE Username='%s' AND Password='%s'", get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); $LoginRS = mysql_query($LoginRS__query, $fitnessdatabase) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; $_SESSION['MM_UserID'] = mysql_result($LoginRS,0,'UserID'); if (isset($_SESSION['PrevUrl']) && true) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); }}?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.