Jump to content

Recommended Posts

1 - do i use this code at the top of each of my page i wish to only alow access if there as been a session

<?php
include_once 'Connect.php';
if (!is_authed()) 
{
     die ('You are not permitted to view this page, <a href="index.php">click here</a> to go back.');
}
?>

 

connect.php i use to conect to database this also does a included to functions.php

 

this is part of my functions.php

function user_login($username, $password)
     // Now encrypt the data to be stored in the session
     $encrypted_id = md5($user['id']);
     $encrypted_name = md5($user['username']);

     // Store the data in the session
     $_SESSION['id'] = $id;
     $_SESSION['username'] = $username;
     $_SESSION['encrypted_id'] = $encrypted_id;
     $_SESSION['encrypted_name'] = $encrypted_name;
}

function is_authed()
{
     // Check if the encrypted username is the same
     // as the unencrypted one, if it is, it hasn't been changed
     if (isset($_SESSION['username']) && (md5($_SESSION['username']) == $_SESSION['encrypted_name']))
     {
          return true;
     }
     else
     {
          return false;
     }
}

 

lastly if i want do display info from the database where it matches the session being used

What code would if any would i use to compliment the code in the first question and what code would i enter into the table below

<html>
<head></head>
<body>
<table> 
  <tr>
    <td>feild1 from database here</td>
    <td>feild2 from database here</td>
    <td>feild3 from database here</td>
  </tr>
</table>
</body>
</html>

after reading more tutorials im come to this

 

<?php
include_once 'Connect.php';
if (!is_authed()) 
{
     die ('You are not permitted to view this page, <a href="index.php">click here</a> to go back.');
}
// i want this page to display the age of the session user i use * instead of age for the reason i will be displaying more than just there age

    $query = mysql_query("SELECT * FROM members WHERE id = '". $encrypted_id ."'");
  	$result= mysql_query ($query) or die ('id and session data dont match.');
if ($result)
{	
// deal with error
}
else
{

}
?>

age<br><?php echo $age; ?>

im getting the error message

id and session data dont match.

can any one point out what im doing wrong?

A couple Problems one i dont see session_start(); in your pages

 

two you are trying to pull of info form the databases base on the users id. But you made the script look for the user id with the variable $encrypted_id and not the user id so it not find the infomation in the databases so you are getting an error

 

Bob

don't you want a non encrypted id? and you never define $encrypted_id

 

you can probably just do this

$query = mysql_query("SELECT * FROM members WHERE id = '".$_SESSION['username']."'")

 

and you cant do this

$query = mysql_query("SELECT * FROM members WHERE id = '". $encrypted_id ."'");
  	$result= mysql_query ($query) or die ('id and session data dont match.');

 

you are trying to do a mysql_query with a mysql_query resource. either do this

$query = ("SELECT * FROM members WHERE id = '". $encrypted_id ."'";
  	$result= mysql_query ($query) or die ('id and session data dont match.');

 

or this

$query = mysql_query("SELECT * FROM members WHERE id = '". $encrypted_id ."'") or die("error message");

i use session_start(); at top of my Connect.php and on this page i include

that file. Do i still have to use session_start(); on this page?

 

removing the mysql_query like mikeesta707 said stopped my error message comming up it now goes on to display the page but doesnt echo the <?php echo $age; ?> like i would want it to.

 

ive now come to this as the code im now using

<?php
include_once 'Connect.php';
if (!is_authed()) 
{
     die ('You are not permitted to view this page, <a href="index.php">click here</a> to go back.');
}
$thequery = ("SELECT * FROM members WHERE id = '". $_SESSION['id'] ."'");
//this query i want it to get data from database where it = session data  
// then i plan to display it on page
$query = mysql_query($thequery) or die ('id and session data dont match.');
?>
<html><head></head><body>
age<br><?php echo $age; ?>
</body></html>

when you pull data from a mysql table it puts it into an array with the column names as indexes...

you also need to fetch the data with mysql_fetch_row() or mysql_fetch_array() etc

i'm assuming $age is referring to a column in your database called "age"?

<?php
include_once 'Connect.php';
if (!is_authed()) 
{
     die ('You are not permitted to view this page, <a href="index.php">click here</a> to go back.');
}
$thequery = ("SELECT * FROM members WHERE id = '". $_SESSION['id'] ."'");
//this query i want it to get data from database where it = session data  
// then i plan to display it on page
$query = mysql_query($thequery) or die ('id and session data dont match.');
$result = mysql_fetch_row($query);
?>
<html><head></head><body>
age<br><?php echo $result['age']; ?>
</body></html>

 

that works if the mysql query you sent only returns one row.. which it will in this case

however, if you have a mysql query which returns several rows i.e. "SELECT * FROM members";

you need to use mysql_fetch_array() and put it in a while loop like so

$sql = @mysql_query("SELECT * FROM members");
while ($row = mysql_fetch_array($sql))
{
echo $row['age'];
}

i have tried both requesting a single

 

<?php 
$thequery = ("SELECT * FROM members WHERE id = '". $_SESSION['id'] ."'");
$query = mysql_query($thequery) or die ('id and session data dont match.');
$result = mysql_fetch_row($query); 
?>
<html><head></head><body>
age<br><?php echo $result['age']; ?>
</body></html>

 

and also multi which is what i will need but first just trying to get one to work

$sql = @mysql_query("SELECT * FROM members");

while ($row = mysql_fetch_array($sql))

{

echo $row['age'];

}

 

if i

echo "<h5>$thequery</h5>";

i get the result that displays this on the page

 

SELECT * FROM members WHERE id = ''

 

if i

echo "<h5>$query</h5>";

 

i get

Resource id #17

 

does that help finding my problem

mysql_fetch_array() can be used for single results also...

i stuffed up the previous bit of code, mysql_fetch_row() returns an array with number indexes representing the columns,

i.e. $result[0], $result[1] etc

 

<?php
include_once 'Connect.php';
if (!is_authed()) 
{
     die ('You are not permitted to view this page, <a href="index.php">click here</a> to go back.');
}
$thequery = ("SELECT * FROM members WHERE id = '". $_SESSION['id'] ."'");
//this query i want it to get data from database where it = session data  
// then i plan to display it on page
$query = mysql_query($thequery) or die ('id and session data dont match.');
$result = mysql_fetch_array($query);
?>
<html><head></head><body>
age<br><?php echo $result['age']; ?>
</body></html>

 

or you could use mysql_fetch_row() and have <?php echo $result[0]; ?>...

i'd go with the first option tho

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.