Jump to content


Photo

PHP Session help for a newbie...


  • Please log in to reply
1 reply to this topic

#1 flashguy82

flashguy82
  • New Members
  • Pip
  • Newbie
  • 7 posts

Posted 07 August 2006 - 10:37 PM

Hey ppl,

I'm very much new when it comes to PHP and know very very little code and i have got myself stuck!

I am trying to get the UserID when a user logs in (aswell as username and password) so when he or she leaves a product review it will have his or hers UserID in the database in the reviews part, understand what i mean?

So far i have only managed to get the ProductID, anyway heres my code... any help from any PHPfreaks would be appreciated aswell as ways to improve on the code as i know it is very ermm crap! Need anything else just ask.

Cheers


<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['Username'])) {
  $loginUsername=$_POST['Username'];
  $password=$_POST['Password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "postreview.php";
  $MM_redirectLoginFailed = "loginfailed.php";
  $MM_redirecttoReferrer = true;
  mysql_select_db($database_fitnessdatabase, $fitnessdatabase);
 
  $LoginRS__query=sprintf("SELECT Username, Password, UserID FROM users WHERE Username='%s' AND Password='%s'",
    get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));
 
  $LoginRS = mysql_query($LoginRS__query, $fitnessdatabase) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
    $loginStrGroup = "";
   
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;      
    $_SESSION['MM_UserID'] = sprintf.UserID;
    if (isset($_SESSION['PrevUrl']) && true) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>

#2 flashguy82

flashguy82
  • New Members
  • Pip
  • Newbie
  • 7 posts

Posted 08 August 2006 - 12:34 AM

Ahhh i have solved the problem and can now get the UserID, here is my current code.  Still if anyone can see any security issues or anything else that they see wrong or just stupid (as i know its far from perfect) please feel free to comment.

Cheers -

<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['Username'])) {
  $loginUsername=$_POST['Username'];
  $password=$_POST['Password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "postreview.php";
  $MM_redirectLoginFailed = "loginfailed.php";
  $MM_redirecttoReferrer = true;
  mysql_select_db($database_fitnessdatabase, $fitnessdatabase);
 
  $LoginRS__query=sprintf("SELECT Username, Password, UserID FROM users WHERE Username='%s' AND Password='%s'",
    get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));
 
  $LoginRS = mysql_query($LoginRS__query, $fitnessdatabase) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
    $loginStrGroup = "";
   
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;      
    $_SESSION['MM_UserID'] = mysql_result($LoginRS,0,'UserID');
    if (isset($_SESSION['PrevUrl']) && true) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users