chris_s_22 Posted November 9, 2009 Share Posted November 9, 2009 1 - do i use this code at the top of each of my page i wish to only alow access if there as been a session <?php include_once 'Connect.php'; if (!is_authed()) { die ('You are not permitted to view this page, <a href="index.php">click here</a> to go back.'); } ?> connect.php i use to conect to database this also does a included to functions.php this is part of my functions.php function user_login($username, $password) // Now encrypt the data to be stored in the session $encrypted_id = md5($user['id']); $encrypted_name = md5($user['username']); // Store the data in the session $_SESSION['id'] = $id; $_SESSION['username'] = $username; $_SESSION['encrypted_id'] = $encrypted_id; $_SESSION['encrypted_name'] = $encrypted_name; } function is_authed() { // Check if the encrypted username is the same // as the unencrypted one, if it is, it hasn't been changed if (isset($_SESSION['username']) && (md5($_SESSION['username']) == $_SESSION['encrypted_name'])) { return true; } else { return false; } } lastly if i want do display info from the database where it matches the session being used What code would if any would i use to compliment the code in the first question and what code would i enter into the table below <html> <head></head> <body> <table> <tr> <td>feild1 from database here</td> <td>feild2 from database here</td> <td>feild3 from database here</td> </tr> </table> </body> </html> Quote Link to comment Share on other sites More sharing options...
chris_s_22 Posted November 9, 2009 Author Share Posted November 9, 2009 after reading more tutorials im come to this <?php include_once 'Connect.php'; if (!is_authed()) { die ('You are not permitted to view this page, <a href="index.php">click here</a> to go back.'); } // i want this page to display the age of the session user i use * instead of age for the reason i will be displaying more than just there age $query = mysql_query("SELECT * FROM members WHERE id = '". $encrypted_id ."'"); $result= mysql_query ($query) or die ('id and session data dont match.'); if ($result) { // deal with error } else { } ?> age<br><?php echo $age; ?> im getting the error message id and session data dont match. can any one point out what im doing wrong? Quote Link to comment Share on other sites More sharing options...
bob2588 Posted November 9, 2009 Share Posted November 9, 2009 A couple Problems one i dont see session_start(); in your pages two you are trying to pull of info form the databases base on the users id. But you made the script look for the user id with the variable $encrypted_id and not the user id so it not find the infomation in the databases so you are getting an error Bob Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted November 9, 2009 Share Posted November 9, 2009 don't you want a non encrypted id? and you never define $encrypted_id you can probably just do this $query = mysql_query("SELECT * FROM members WHERE id = '".$_SESSION['username']."'") and you cant do this $query = mysql_query("SELECT * FROM members WHERE id = '". $encrypted_id ."'"); $result= mysql_query ($query) or die ('id and session data dont match.'); you are trying to do a mysql_query with a mysql_query resource. either do this $query = ("SELECT * FROM members WHERE id = '". $encrypted_id ."'"; $result= mysql_query ($query) or die ('id and session data dont match.'); or this $query = mysql_query("SELECT * FROM members WHERE id = '". $encrypted_id ."'") or die("error message"); Quote Link to comment Share on other sites More sharing options...
chris_s_22 Posted November 10, 2009 Author Share Posted November 10, 2009 i use session_start(); at top of my Connect.php and on this page i include that file. Do i still have to use session_start(); on this page? removing the mysql_query like mikeesta707 said stopped my error message comming up it now goes on to display the page but doesnt echo the <?php echo $age; ?> like i would want it to. ive now come to this as the code im now using <?php include_once 'Connect.php'; if (!is_authed()) { die ('You are not permitted to view this page, <a href="index.php">click here</a> to go back.'); } $thequery = ("SELECT * FROM members WHERE id = '". $_SESSION['id'] ."'"); //this query i want it to get data from database where it = session data // then i plan to display it on page $query = mysql_query($thequery) or die ('id and session data dont match.'); ?> <html><head></head><body> age<br><?php echo $age; ?> </body></html> Quote Link to comment Share on other sites More sharing options...
joel24 Posted November 10, 2009 Share Posted November 10, 2009 when you pull data from a mysql table it puts it into an array with the column names as indexes... you also need to fetch the data with mysql_fetch_row() or mysql_fetch_array() etc i'm assuming $age is referring to a column in your database called "age"? <?php include_once 'Connect.php'; if (!is_authed()) { die ('You are not permitted to view this page, <a href="index.php">click here</a> to go back.'); } $thequery = ("SELECT * FROM members WHERE id = '". $_SESSION['id'] ."'"); //this query i want it to get data from database where it = session data // then i plan to display it on page $query = mysql_query($thequery) or die ('id and session data dont match.'); $result = mysql_fetch_row($query); ?> <html><head></head><body> age<br><?php echo $result['age']; ?> </body></html> that works if the mysql query you sent only returns one row.. which it will in this case however, if you have a mysql query which returns several rows i.e. "SELECT * FROM members"; you need to use mysql_fetch_array() and put it in a while loop like so $sql = @mysql_query("SELECT * FROM members"); while ($row = mysql_fetch_array($sql)) { echo $row['age']; } Quote Link to comment Share on other sites More sharing options...
chris_s_22 Posted November 10, 2009 Author Share Posted November 10, 2009 i have tried both requesting a single <?php $thequery = ("SELECT * FROM members WHERE id = '". $_SESSION['id'] ."'"); $query = mysql_query($thequery) or die ('id and session data dont match.'); $result = mysql_fetch_row($query); ?> <html><head></head><body> age<br><?php echo $result['age']; ?> </body></html> and also multi which is what i will need but first just trying to get one to work $sql = @mysql_query("SELECT * FROM members"); while ($row = mysql_fetch_array($sql)) { echo $row['age']; } if i echo "<h5>$thequery</h5>"; i get the result that displays this on the page SELECT * FROM members WHERE id = '' if i echo "<h5>$query</h5>"; i get Resource id #17 does that help finding my problem Quote Link to comment Share on other sites More sharing options...
joel24 Posted November 11, 2009 Share Posted November 11, 2009 mysql_fetch_array() can be used for single results also... i stuffed up the previous bit of code, mysql_fetch_row() returns an array with number indexes representing the columns, i.e. $result[0], $result[1] etc <?php include_once 'Connect.php'; if (!is_authed()) { die ('You are not permitted to view this page, <a href="index.php">click here</a> to go back.'); } $thequery = ("SELECT * FROM members WHERE id = '". $_SESSION['id'] ."'"); //this query i want it to get data from database where it = session data // then i plan to display it on page $query = mysql_query($thequery) or die ('id and session data dont match.'); $result = mysql_fetch_array($query); ?> <html><head></head><body> age<br><?php echo $result['age']; ?> </body></html> or you could use mysql_fetch_row() and have <?php echo $result[0]; ?>... i'd go with the first option tho Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.