slj90 Posted January 18, 2010 Share Posted January 18, 2010 I have a table that has Customer ID along with their Username. My code currently uses their username as the 'auth User'. How do I get the CustomerID from the username.. The code I am using to get the username from the previous page is.. <?php session_start(); // Check if we have an authenticated user if (!isset($_SESSION["authenticatedUser"])) //if not re-direct to login page { $_SESSION["message"] = "Please Login"; header("Location: loginpage.php"); } else; { //If authenticated then display page conetents ?> and to display the username.. <?php echo $_SESSION["authenticatedUser"]; ?> So how would I go about getting the CustomerID from this? Thank you Quote Link to comment https://forums.phpfreaks.com/topic/188861-getting-id-from-username/ Share on other sites More sharing options...
joel24 Posted January 18, 2010 Share Posted January 18, 2010 wheres the script to log the user in? when they log in you should put their user id in a session value or to get said value later on, you could do something like $sql = @mysql_query("SELECT user_id FROM users WHERE username = '{$_SESSION["authenticatedUser"]}'"); $userID = mysql_fetch_array($sql); $userID = $userID['user_id']; Quote Link to comment https://forums.phpfreaks.com/topic/188861-getting-id-from-username/#findComment-997119 Share on other sites More sharing options...
slj90 Posted January 18, 2010 Author Share Posted January 18, 2010 Thanks for your response.. I have added your code to my script and then added the following to see the result.. <?php echo $_SESSION["authenticatedUser"]; echo $CustomerID ?> Where the CustomerID should be it says 'Array'? The login script: <?php include ("connection.php"); session_start(); // Collect data from form and save in variables //See if any info was submitted $Username = $_GET['Username']; //Clean data - trim space $Username = trim ( $Username); //Check its ok - if not then add an error message to the error string if (empty($Username)) $errorString = $errorString."<br>Please supply Username."; //See if any info was submitted $Password = $_GET['Password']; //Clean data - trim space $Password = trim ( $Password); //Check its ok - if not then add an error message to the error string if (empty($Password)) $errorString = $errorString."<br>Please supply Password."; // Query to search the user table $query= "SELECT * FROM Customer WHERE Username='$Username' AND Password='$Password'"; // Run query through connection $result = mysql_query ($query); // Check result of query // if rows found set authenticated user to the user name entered if (mysql_num_rows($result) > 0) { $_SESSION["authenticatedUser"] = $Username; // Relocate to the logged-in page header("Location: loggedon.php"); } else // login failed redirect back to login page with error message { $_SESSION["message"] = "Could not connect as $Username " ; header("Location: loginpage.php"); } ?> Thank you very much for your help Quote Link to comment https://forums.phpfreaks.com/topic/188861-getting-id-from-username/#findComment-997133 Share on other sites More sharing options...
garethhall Posted January 18, 2010 Share Posted January 18, 2010 Well you are already selecting the user and checking that there is a result so if mysql_num_rows($result) > 0 that means that a user has been found. So simply return the userID and set a session with the userID if (empty($Password)) $errorString = $errorString."<br>Please supply Password."; // Query to search the user table $query= "SELECT * FROM Customer WHERE Username='$Username' AND Password='$Password'"; // Run query through connection $result = mysql_query ($query); ###### NEW CODE return row details $row = mysql_fetch_assoc($query); ###### END // Check result of query // if rows found set authenticated user to the user name entered if (mysql_num_rows($result) > 0) { $_SESSION["authenticatedUser"] = $Username; ###### NEW CODE set the session $_SESSION['userID'] = $row['userID']; ###### END // Relocate to the logged-in page header("Location: loggedon.php"); } else // login failed redirect back to login page with error message { $_SESSION["message"] = "Could not connect as $Username " ; header("Location: loginpage.php"); } Quote Link to comment https://forums.phpfreaks.com/topic/188861-getting-id-from-username/#findComment-997149 Share on other sites More sharing options...
slj90 Posted January 18, 2010 Author Share Posted January 18, 2010 Gareth, Thank you for response... I have added your lines to my code, however i get the following errors... Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /study_D/undergrad/c3221281/webpages/my_iis_website/loginAction.php on line 28 Warning: Cannot modify header information - headers already sent by (output started at /study_D/undergrad/c3221281/webpages/my_iis_website/loginAction.php:28) in /study_D/undergrad/c3221281/webpages/my_iis_website/loginAction.php on line 36 Line 28: $row = mysql_fetch_assoc($query); Line 36: header("Location: loggedon.php"); Thanks alot for your help Quote Link to comment https://forums.phpfreaks.com/topic/188861-getting-id-from-username/#findComment-997161 Share on other sites More sharing options...
garethhall Posted January 18, 2010 Share Posted January 18, 2010 Please echo "The result is ".$result; Quote Link to comment https://forums.phpfreaks.com/topic/188861-getting-id-from-username/#findComment-997170 Share on other sites More sharing options...
garethhall Posted January 18, 2010 Share Posted January 18, 2010 Can I also see connection.php Quote Link to comment https://forums.phpfreaks.com/topic/188861-getting-id-from-username/#findComment-997171 Share on other sites More sharing options...
garethhall Posted January 18, 2010 Share Posted January 18, 2010 Ahh sorry it should be $row = mysql_fetch_assoc($result); Quote Link to comment https://forums.phpfreaks.com/topic/188861-getting-id-from-username/#findComment-997174 Share on other sites More sharing options...
slj90 Posted January 18, 2010 Author Share Posted January 18, 2010 It is now working with no errors ... What do I need to put on the 'loggedon.php' page to get the userID? What I am attempting to do is use it in a URL, to direct the user to a page where they update their details... <a href="./updateprofile.php?UserID=<?php echo $row["UserID"]?>">YOUR DETAILS</a> Thanks again Quote Link to comment https://forums.phpfreaks.com/topic/188861-getting-id-from-username/#findComment-997177 Share on other sites More sharing options...
garethhall Posted January 18, 2010 Share Posted January 18, 2010 This <a href="./updateprofile.php?UserID=<?php echo $_SESSION['userID']?>">YOUR DETAILS</a> I use the session as that would make sure that the user is logged in to as nothing will be updated if the session is not set. You can also simply look at the generated source code to make sure it out puts the information. The other things you need to look at is security. 1. I would never pass a username and password the the GET method as anyone could read it. 2. You need to protect mysql from sql injection (you are open to this attack at the moment) 3. you should also hash you password with sha1 or md5 Quote Link to comment https://forums.phpfreaks.com/topic/188861-getting-id-from-username/#findComment-997183 Share on other sites More sharing options...
slj90 Posted January 18, 2010 Author Share Posted January 18, 2010 Gareth, Thanks a lot for all your help, it is now working great ! At the moment security isn't too much of a big deal as I am just creating this as a small project for fun and to learn PHP and MySQL. I'm not planning on making it into an actual website with real users any time soon. Thanks again! Quote Link to comment https://forums.phpfreaks.com/topic/188861-getting-id-from-username/#findComment-997197 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.