Jump to content

Make a session usable in a sql query


Recommended Posts

Hello all,


I've made this for users login, and now I want the user to only be able to see his info

so how can I use the $_SESSION['userid'] to search the database for it's value and echo results?


here is my code, I want to use the session value instead of get



      if (isset($_GET['id'])) {
      $con = mysql_connect("supremecenter14.co.uk","teko_waw","tmisabro77");
if (!$con)
  die('Could not connect: ' . mysql_error());

mysql_select_db("teko_waw", $con);

	$result = mysql_query("select * from users where id = '{$_GET['id']}'");

	$row = @mysql_fetch_array($result);
	echo "<table width=98%>";       
	        echo "<tr>";
		echo "<td valign=\"top\" width=\"120px\">";
		$rowid = $row['id'];
		echo "<td valign=\"top\">";
		echo "<table>
			<td valign=\"top\" class=\"searchtitle\">
			".$row['fname']. '  ' .$row['mname']. '  ' .$row['lname']."


and here is where they're set


if (isset($_POST['email']))
$email = mysql_real_escape_string($_POST['email']);
$password = mysql_real_escape_string($_POST['password']);


$results = mysql_query("SELECT * FROM users WHERE email = $email AND password = $password");

if(!result) {
$_SESSION['error'] = '<span style="color: red">Login Failed. Email or Password is Incorrect <br/>';	
} else {
	$row = mysql_fetch_assoc($results);
	$_SESSION['userid'] = $row['id'];
	$_SESSION['email'] = $email;
	$_SESSION['error'] = 'Login Successful<br/>. Welcome,'. $email;	


Link to comment
Share on other sites

I use


if (isset($_GET['id']) && is_numeric($_GET['id'])) {

$id = $_GET['id'];

} else redirect




if (($id == $_SESSION['mem_id'])) { // You could switch it to != and redirect first


$query =  " SELECT ................... WHERE id = $id or you could use  id = $_SESSION['mem_id']";


} else {redirect}


I also add a redirect if there is no member with that id

Link to comment
Share on other sites

This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.