csteff24 Posted November 22, 2009 Share Posted November 22, 2009 I have two databases: clubs and members Clubs has an ID for each club and then a bunch of information about the club, members has the id, username and password and then a "club id" matching the ID of the club that this user is in charge of What can I use to get the "club id" when the member logs in, and then match that to the id of the club they're in charge of so that in members.php I can display the information of their club? This is the code for my login page: <?php // Connects to your Database mysql_connect("*****", "*****", "*****") or die(mysql_error()); mysql_select_db("csteffen") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_staples_clubs'])) //if there is, it logs you in and directs you to the members page { $username = $_COOKIE['ID_staples_clubs']; $pass = $_COOKIE['Key_staples_clubs']; $check = mysql_query("SELECT * FROM members WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: members.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // makes sure they filled it in if(!$_POST['username'] | !$_POST['pass']) { die('You did not fill in a required field.'); } else { $check = mysql_query("SELECT * FROM members WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['pass'] = stripslashes($_POST['pass']); $info['password'] = stripslashes($info['password']); //gives error if the password is wrong if ($_POST['pass'] != $info['password']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_staples_clubs, $_POST['username'], $hour); setcookie(Key_staples_clubs, $_POST['pass'], $hour); //then redirect them to the members area header("Location: members.php"); } } } } else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <table border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="pass" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } ?> Quote Link to comment https://forums.phpfreaks.com/topic/182506-displaying-user-information/ Share on other sites More sharing options...
MisterWebz Posted November 22, 2009 Share Posted November 22, 2009 First of all, i don't think it's a good idea to show us your host,username and pass. And excuse me if i'm wrong, but shouldn't you send a query to find the clubs, because from what i see, you're only fetching the username and not the clubs. <?php $club = mysql_query("SELECT * FROM clubs WHERE clubId='memberId'"); $result = mysql_fetch_array($club); ?> <html> <body> <p> <?php $result['clubName']; ?> </p> <p> <?php $result['clubScore']; ?> </p> </body </html> Perhaps something like the above. Quote Link to comment https://forums.phpfreaks.com/topic/182506-displaying-user-information/#findComment-963282 Share on other sites More sharing options...
Virvo Posted November 22, 2009 Share Posted November 22, 2009 You have just displayed your database IP, username and password. This is major security risk - I suggest you modify your post and remove this information. Quote Link to comment https://forums.phpfreaks.com/topic/182506-displaying-user-information/#findComment-963285 Share on other sites More sharing options...
csteff24 Posted November 23, 2009 Author Share Posted November 23, 2009 Oops I wasn't even paying attention! I feel like a complete idiot but I can't find the modify post button anywhere... Quote Link to comment https://forums.phpfreaks.com/topic/182506-displaying-user-information/#findComment-963683 Share on other sites More sharing options...
Daniel0 Posted November 23, 2009 Share Posted November 23, 2009 Oops I wasn't even paying attention! I feel like a complete idiot but I can't find the modify post button anywhere... You can only edit posts up until 10 minutes after their creation. I've removed it for you now. Just another reason to use a configuration file I guess :-\ Quote Link to comment https://forums.phpfreaks.com/topic/182506-displaying-user-information/#findComment-963814 Share on other sites More sharing options...
onlyican Posted November 23, 2009 Share Posted November 23, 2009 Anyway, Why not run a join SELECT * FROM Members LEFT JOIN clubs ON Members.ClubID = Clubs.ClubID WHERE MembersID = X Quote Link to comment https://forums.phpfreaks.com/topic/182506-displaying-user-information/#findComment-963821 Share on other sites More sharing options...
csteff24 Posted December 3, 2009 Author Share Posted December 3, 2009 $query = "SELECT * FROM clubs LEFT JOIN members ON members.club = clubs.id WHERE members.id = '$_COOKIE[iD_staples_clubs]'"; $result = mysql_query($query) or die(mysql_error()); while ($row = mysql_fetch_array($result)) { echo "$row[name]"; } There's no errors, but the club name isn't showing up...Is that the proper way to echo the club name? Quote Link to comment https://forums.phpfreaks.com/topic/182506-displaying-user-information/#findComment-970227 Share on other sites More sharing options...
csteff24 Posted December 3, 2009 Author Share Posted December 3, 2009 Am I using left join properly? Quote Link to comment https://forums.phpfreaks.com/topic/182506-displaying-user-information/#findComment-970459 Share on other sites More sharing options...
cags Posted December 3, 2009 Share Posted December 3, 2009 Assuming that the clubs table has an id called field and that id has the same meaning as the club column in the members table, then yes that is pretty much the correct usage. The one issue may have is I'm not sure what MySQL does when you SELECT * when two tables are involved. I assume it would default to the table used in the FROM clause, but better to be specific. The theory of what your doing seems about right, but there are a couple of basic PHP things that you are doing wrong. Keys in an array should be a string, without you putting it in quotes PHP will think it's a constant. As it happens upon realising the constant doesn't exist it will use the name of the constant as a string. But it will throw a Notice level error. Therefore it should be $row['name']. If you are using a variable as a string value and not using any other string text then there is no point placing it in quotes. So just have echo $row['name']. Now having said that using $_COOKIE['ID_staples_clubs'] inside the string as is will cause an error, we fix this by telling PHP it's a variable by putting squiggly brackets around it. $query = "SELECT clubs.*, members.* FROM clubs LEFT JOIN members ON members.club = clubs.id WHERE members.id = '{$_COOKIE['ID_staples_clubs']}'"; $result = mysql_query($query) or die(mysql_error()); while ($row = mysql_fetch_array($result)) { echo $row['name']; } The most likely cause of no error yet no result is that $_COOKIE['ID_staples_clubs'] doesn't exist thus causing you to look for a value where Quote Link to comment https://forums.phpfreaks.com/topic/182506-displaying-user-information/#findComment-970482 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.