Viewing profile information through the url.

[Namtip]

I'm trying to create a profile page that an unregistered user can view when he enters in the username into the url (e.g. http://localhost/username) Just recently got my mode_rewrite going (tried and tested), but I don't get the users information coming up in the page. Am I going about this the right way?

 

This is what the page shows:

The requested page was:

Notice: Undefined variable: name_id in C:\x\xampp\htdocs\pages\profile.php on line 27

 

Notice: Undefined variable: name in C:\x\xampp\htdocs\pages\profile.php on line 28

 

Notice: Undefined variable: password in C:\x\xampp\htdocs\pages\profile.php on line 29

 

profile.php

<?php
include 'db.inc.php';

$db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or 
    die ('Unable to connect. Check your connection parameters.');

mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db));
$query = 'SELECT
        name_id, name, password
        FROM
        user
        WHERE
        name = "' . mysql_real_escape_string($_GET['name'], $db) . '"';
    $result = mysql_query($query, $db) or die(mysql_error());


?>

<html>
   <head>
      <title> <?php echo $name; ?> </title>
   </head>
   <body>
      <p>
         The requested page was:
<?php
echo $name_id; 
echo $name;
echo $password;

?>
      </p>
   </body>
</html>

I've been messing around with this for awhile so I'm going to hit the sack.

[sKunKbad]

What do your rewrite rules look like?

[PFMaBiSmAd]

You are executing the query, but not fetching anything from the result set, so it will be a little hard to display anything.

[Namtip]

My rewrite values look like that.

Options +FollowSymlinks
RewriteEngine on
RewriteOptions MaxRedirects=10

RewriteRule ^(.{4,12})$ http://localhost/pages/profile.php?name=$name [NC]
RewriteRule ^$http://localhost/pages/login.php [R=301,NC] 

 

Do I need to change the WHERE part of the query? Because the mysql matches up with the script I run below to configure mysql.

 

$query = 'CREATE TABLE IF NOT EXISTS user (
			name_id						INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
			name						VARCHAR(50)	NOT NULL,
			password    				CHAR(41)    NOT NULL,
			admin_level					TINYINT UNSIGNED NOT NULL DEFAULT 0,

	PRIMARY KEY (name_id)
    )
    ENGINE=MyISAM';
mysql_query($query, $db) or die (mysql_error($db));

[Namtip]

You are executing the query, but not fetching anything from the result set, so it will be a little hard to display anything.

 

        WHERE
        name = "' . mysql_real_escape_string($_GET['name'], $db) . '"';

 

Is this the right way of pulling the url variable to cross reference and select the database?

 

Does the 'name' variable need to be a primary key for it to pull the related information into the page?

Is it correct for me to be using the $_GET function?

[Namtip]

I've echoed the variable:

 

echo $_GET['name'];

 

but it only displays "$name" instead of the value I've typed in the url. This is why the query isn't being executed in the way I like.

 

How do I get the value to be what I asked it to be in the url??

 

[PFMaBiSmAd]

In a way, that is kind of funny. "$name" is exactly what your rewrite rule is setting ?name= equal to. I think you meant to use $1

[samoi]

I'm not positive of what you want exactly. But I will try to help!

 

You need to fetch the row that mysql_query returned to echo out the vars $name, $name_id, $password!

 

something like this will be good!

<?php
include 'db.inc.php';

$db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or 
    die ('Unable to connect. Check your connection parameters.');

mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db));
$query = 'SELECT
        name_id, name, password
        FROM
        user
        WHERE
        name = "' . mysql_real_escape_string($_GET['name'], $db) . '"';
    $result = mysql_query($query, $db) or die(mysql_error());
    // something like this will do the trick!
    $name_id = $result[0];
    $name = $result[1];
    $password = $result[2];
?>

 

 

That's it!

[PFMaBiSmAd]

$result isn't the data values that the query returns.

[Namtip]

It's fixed! Thanks so much guys. PFMaBiSmAd you're a real life php hero.

 

I'm going to post the final code to help anyone else that might be having similar problems

 

profile.php

<?php
include 'db.inc.php';

$db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or 
    die ('Unable to connect. Check your connection parameters.');

mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db));
$query = 'SELECT
        name_id, name, password
        FROM
        user
        WHERE
        name = "' . mysql_real_escape_string($_GET['name']) . '"';
    $result = mysql_query($query, $db) or die(mysql_error());
    // something like this will do the trick!

$row = mysql_fetch_assoc($result);
    extract($row);
?>
<html>
<head><title><?php echo $_GET['name'];?></title></head>

<body>
<?php
echo $name_id;
echo $name;
echo $password;
?>
</body>
</html>

 

.htaccess

Options +FollowSymlinks
RewriteEngine on
RewriteOptions MaxRedirects=10

RewriteRule ^(.{4,12})$ http://localhost/pages/profile.php?name=$1 [NC]
RewriteRule ^$http://localhost/pages/login.php [R=301,NC] 

 

mysqldb.php

<?php
require 'db.inc.php';

$db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or 
    die ('Unable to connect. Check your connection parameters.');
mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db));

$query = 'CREATE TABLE IF NOT EXISTS user (
			name_id		INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
			name						VARCHAR(50)	NOT NULL,
			password    				CHAR(41)    NOT NULL,
			admin_level			TINYINT UNSIGNED NOT NULL DEFAULT 0,

	PRIMARY KEY (name_id)
    )
    ENGINE=MyISAM';
mysql_query($query, $db) or die (mysql_error($db));
echo 'Success!';

 

Hope the phpfreaks don't mind me posting that wall of code, I just thought it might help people. Thanks again!