andy_b_1502 Posted May 21, 2012 Share Posted May 21, 2012 Hi everyone, I have a login area, and i also have set up for me is a view page... the view page is each user's sort of profile, it gets id and displays relevant content. i was wondering if i could get the id or post rather through a re-direct on log in? for example user logs in with username and password, user is re-directed to the view page like this: header( "refresh:5;url=view00=id.php " ); echo '<h1>You will be re-directed in 5 seconds...</h1>'; user is taken to view page where they can edit bits on it. So far though i'm getting page not found error? first of all is this possible? if not whats the correct way/better way? Thanks Quote Link to comment Share on other sites More sharing options...
andy_b_1502 Posted May 21, 2012 Author Share Posted May 21, 2012 just an update: changed things around to look like this header( "refresh:5;url=view00.php?id=$row'id' " ); echo $row['id']; echo '<h1>You will be re-directed in 5 seconds...</h1>'; i'm getting this in the browser: www.website.com/view00.php?id=Array'id' where it should be for example: www.website.com/view00.php?id=51 where 51 is the id of the listing in the db table, any idea's guys?? Thank you Quote Link to comment Share on other sites More sharing options...
andy_b_1502 Posted May 21, 2012 Author Share Posted May 21, 2012 I thought i'd best post the full code. If you need any more please ask. <?PHP session_start(); include ('php only scripts/db.php'); /* set some validation variables */ $error_message = ""; /* =============================================== */ /*this section of code will set up an error message for the username if ANY of the conditions occur 1) checks to see if $_POST['username'] is NOT set 2) if length of username is less than 5 3) if username has anything other than letter, numbers or underscores */ if((!isset($_POST['username'])) || (strlen(trim($_POST['username'])) <5) || (trim($_POST['username']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['username'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid username<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['username'] . "</font><hr>"; }else{ $username = mysql_real_escape_string(trim($_POST['username'])); } /* END validating username */ /* =============================================== */ /* =============================================== */ /*this section of code will set up an error message for the password if ANY of the conditions occur 1) checks to see if $_POST['password'] is NOT set 2) if length of password is less than 5 3) if password has anything other than letter, numbers or underscores */ if((!isset($_POST['password'])) || (strlen(trim($_POST['password'])) <5) || (trim($_POST['password']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['password'])))){ /* if it is NOT set, then set the error variable and start building the error message */ $error_message = $error_message . "You must enter a valid password<br>"; $error_message = $error_message . "Valid passwords are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid password was: <font color="red">' . $_POST['password'] . "</font><hr>"; }else{ $password = trim($_POST['password']); } /* END validating password *//* =============================================== */ /* =============================================== */ /* if any of the post variables are invalid */ /* set the session variable and send back to the form page */ if(strlen(trim($error_message))>0) { $_SESSION['error_message'] =$error_message; header("Location: login00.php"); exit(); } /* =============================================== */ /* =============================================== */ /* FUNCTION TO CREATE SALT */ function createSalt(){ $string = md5(uniqid(rand(), true)); return substr($string, 0, 3); } /* check to see if username is in the table if not send back to login*/ $query01 = "SELECT id, salt FROM companies WHERE username = '$username'"; $result01 = mysql_query($query01) or die(mysql_error()); if(mysql_num_rows($result01) != 1) { header("Location: login00.php"); exit(); } $row = mysql_fetch_array($result01); $salt = $row['salt']; $password = trim($_POST['password']); $hash = hash('sha256', $salt, $password); $query02 = "SELECT id FROM companies WHERE username = '$username' AND password = '$hash'"; $result02 = mysql_query($query02) or die(mysql_error()); if(mysql_num_rows($result02) !=1){ /* not found send back to login */ header("Location: login00.php"); exit(); } /* =============================================== */ /* success!!! send them where you want */ header( "refresh:5;url=view00.php?id=echo $row'id' " ); echo '<h1>You will be re-directed in 5 seconds...</h1>'; ?> Quote Link to comment Share on other sites More sharing options...
trq Posted May 21, 2012 Share Posted May 21, 2012 $row is quite obviously an array. header("refresh:5;url=view00.php?id=" . $row['id']); Quote Link to comment Share on other sites More sharing options...
andy_b_1502 Posted May 21, 2012 Author Share Posted May 21, 2012 Thanks! wasn't that obvious to me i'm afraid, never knew about how to do the . thing, thanks again Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.