Jump to content

Archived

This topic is now archived and is closed to further replies.

almightyegg

showing other members profile

Recommended Posts

i use $mem[row_name] to pull up my information from a database but i want to show other peoples so i did this...
[code=php:0]
$GET = $mem[id];
[/code]
then started typing $mem[this] and $mem[that] then to see it puts in my info, not the persons id page it is  ???

how would i do that??

Share this post


Link to post
Share on other sites
[code]
<?php
$get = $_GET[id];

$sql = "SELECT * FROM dbtable WHERE user.id='$get';";
$result=mysql_query($sql);
$result2=mysql_fetch_assoc($result);
?>
Welcome to <?=$result2[username]?> profile.
[/code]

For everything else $result2[DBFIELD];

change dbfield to a field in your DB, whether it's username, email, website, or whatever

Share this post


Link to post
Share on other sites
doesnt work :(
[code=php:0]
$GET = $mem[id];

$view = "SELECT * FROM user WHERE id='$GET'";
$result=mysql_query($view);
$player=mysql_fetch_assoc($result);
[/code]
it comes out with: Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/lordofth/public_html/player/view.php on line 70

Share this post


Link to post
Share on other sites
you need register globals on

make a file called php.ini

and make the file include this: register_globals= On

Share this post


Link to post
Share on other sites
right i made that file and uploaded it to the same directory and it did nothing...:(

do i have to put something into the page im trying to make this think work on??

Share this post


Link to post
Share on other sites
[code]
<?php
$connection = mysql_connect(localhost,dbuser,dbpass);
$db = mysql_select_db(dbname,$connection);
    $sql = "SELECT * FROM user
            WHERE user.id='$_GET[id];'";
    $result = mysql_query($sql);
    $result2 = mysql_fetch_assoc($result);
    $user = $result2[username];

?>
<?
if($_GET[id] == false){
echo "No user specify";
}else {
?>
<h3>Welcome to <?=$user?>'s profile.</h3><br>

<? } ?>
[/code]

Share this post


Link to post
Share on other sites
yes....am i meant to have anything else in my .ini file??
all i have is register_globals= On
i never used ini before

Share this post


Link to post
Share on other sites
just keep the php.ini file like that for now

Share this post


Link to post
Share on other sites
[code]
$connection = mysql_connect(localhost,dbuser,dbpass);
$db = mysql_select_db(dbname,$connection);

$member_id = $_GET['id'];

echo $member_id;  //check to see if there is a value

  $sql = "SELECT * FROM user
           WHERE user.id='$member_id'";
   $result = mysql_query($sql) or die(mysql_error());
   $result2 = mysql_fetch_assoc($result);
   $user = $result2['username'];

?>
<?
if($member_id == false){
echo "No user specify";
}else {
?>
<h3>Welcome to <?=$user?>'s profile.</h3><br>

<? } ?>[/code]

Is $member_id blank when it echos out

Share this post


Link to post
Share on other sites
shows this still:
Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/lordofth/public_html/player/view.php on line 70

Share this post


Link to post
Share on other sites
if no member of that id is valid it will just create blank fields

Share this post


Link to post
Share on other sites
you do have the php.ini file right? with register_globals= On right?

Share this post


Link to post
Share on other sites
Can't it be done without enabling register_globals?  Just trying to keep with the whole "Lets try to make secure code" idea...

Share this post


Link to post
Share on other sites
can you post your full source code you should not need registered globals on to get a value

Share this post


Link to post
Share on other sites
[code=php:0]
<?
session_start(); // Session Start
include 'database.php'; // Connect to DB
$email = $_SESSION['email'];
$password = $_SESSION['password'];
if((!$email) || (!$password)){
echo "Please enter ALL of the information! <br />";
include 'index.php';
exit();
}
// check if the user info validates the db
$password2 = md5($password);
if((!$email) || (!$password)){
echo "Please enter ALL of the information! <br />";
echo '<a href=index.html>Click here to return to the main page</a>';
exit();
}
// check if the user info validates the db
$sql = mysql_query("SELECT * FROM users WHERE email='$email' AND password='$password2' AND activated='1'");
$login_check = mysql_num_rows($sql);

if($login_check == 0){
$sql1 = mysql_query("SELECT * FROM users WHERE email='$email'");
$sql2 = mysql_query("SELECT * FROM users WHERE email='$email' AND password='$password2'");
$sql3 = mysql_query("SELECT * FROM users WHERE email='$email' AND password='$password2' AND activated='1'");
$c1 = mysql_num_rows($sql1);
$c2 = mysql_num_rows($sql2);
$c3 = mysql_num_rows($sql3);
//"Your email and password dont match or you didnt validate your account yet"
echo"The following errors were found from your login.<br>";
if($c1==0){
echo"The email you've entered was not valid. Please go back and <a href=index.php>try again</a>.";
}elseif($c2==0){
echo"The password you've entered was incorrect. Please go back and <a href=index.php>try again</a>. If you would like your password sent to you via email please <a href=lostpw.php>click here</a>";
}elseif($c3==0){
echo"You did not yet validate your account! If you would like your validation code sent to you via email please <a href=resend.php>click here</a>.";
}
}else{
$mems = mysql_query("SELECT * FROM users WHERE email='$email'") or die(mysql_error());
$mem = mysql_fetch_array($mems);
$clt = mysql_query("SELECT * FROM clutch WHERE id='$id'") or die(mysql_error());
$clutch = mysql_fetch_array($clt);
$link = mysql_query("SELECT * FROM links") or die(mysql_error());
$qlink = mysql_fetch_array($link);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<link rel="stylesheet" href="default.css">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title><? echo $clutch[name] ?></title>
</head>

<body bgcolor=black>
<center>
<?
$tags = array('{MEM_ID}', '{MEM_USERNAME}', '{MEM_CLUTCH}');
$vals = array($mem['id'], $mem['username'], $mem[clutch]);
$qlink['quicklinks'] = str_replace($tags, $vals, $qlink['quicklinks']);
echo "$qlink[quicklinks]";
?>
</center>
<table border=0 width=100% cellpadding=15>
<td width=150 valign=top>
<?
$GET = $mem[id];

$view = "SELECT * FROM user WHERE user.id='$GET'";
$result = mysql_query($view);
$result2 = mysql_fetch_assoc($result);
$user = $result2[username];


if($mem[gender] == Male){
?>
<img src=http://lordoftheabyss.com/images/male.JPG title=Male>
<?
}else{
?>
<img src=http://lordoftheabyss.com/images/female.JPG title=Female>
<?
}
if($mem[id] == ('1') || ('2') || ('3') || ('4') || ('5') || ('6') || ('7') || ('8') || ('9') || ('10')){
?>
<img src=http://www.lordoftheabyss.com/images/admin.png title=Administrator><br>
<?
}else{
}
echo "<img src=$mem[img]>";
?>
</td>
<td valign=top>
<? echo $user ?>
</tD>
</table>
<center>
<?
$tags = array('{MEM_ID}', '{MEM_USERNAME}', '{MEM_CLUTCH}');
$vals = array($mem['id'], $mem['username'], $mem[clutch]);
$qlink['quicklinks'] = str_replace($tags, $vals, $qlink['quicklinks']);
echo "$qlink[quicklinks]";
?>
</center>
<?
}
?>
</body>
</html>
[/code]

Share this post


Link to post
Share on other sites
on the select you have been working should it be users and not user

SELECT * FROM users WHERE users.id='$GET'";

Share this post


Link to post
Share on other sites
right, it no longer displays a delay, but displays my info...
[code=php:0]
$view = "SELECT * FROM users WHERE users.id='$GET'";
$view2 = mysql_query($view);
$view3 = mysql_fetch_assoc($view2);
$user = $view3[username];
[/code]

Share this post


Link to post
Share on other sites
still having problems,
the page is: http://www.lordoftheabyss.com/player/view.php?id=3 so therefore should show the row with id=3 but instead it shows mine (id=1)

Share this post


Link to post
Share on other sites
i think i may know why it isnt working but i dont know how to sort it...
[code=php:0]
$GET = $mem[id];
//$mem[id] is the thing i use to pull up my id

$view = "SELECT * FROM users WHERE users.id='$GET'";
//so here, it is selecting my row??
$view2 = mysql_query($view);
$view3 = mysql_fetch_assoc($view2);
$user = $view3[username];
[/code]

Share this post


Link to post
Share on other sites
OK, it seems that this has been going on a while, and you've also been fed a lot of trap!

Firstly, delete that php.ini file that you created and dropped into that directory.  A few have mentioned register_globals but none have actually explained what it means/does.  So here goes in it's simplest form:

[i]Having register_globals switched on, means that you can refer to a variable in php using the name that was provided in the request object, without the need to specify where it came from.[/i]

Example: If I have a form that has one field called 'name' and I use the method 'post' to send it to a php page and I want to use that variable.  If register_globals is switched off (by default in newer versions of php), I have to use this...

[code=php:0]echo $_POST['name'];
[/code]

If register_globals is on then I can use this:

[code=php:0]echo $name;
[/code]

It automatically imports 'name' into the variable name space, meaning I don't need to specify $_POST.

So for your example, you need to use the following code.
[code]<?php
$view = "SELECT * FROM users WHERE id = '{$_GET['id']}' LIMIT 1";
$view2 = mysql_query($view);
$view3 = mysql_fetch_assoc($view2);
$user = $view3['username'];
?>[/code]

The above example assumes that the column in the table (users) that contains the unique user ID is called 'id'

Regards
Huggie

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.