Jump to content

post id in header??


andy_b_1502

Recommended Posts

Hi everyone,

 

I have a login area, and i also have set up for me is a view page... the view page is each user's sort of profile, it gets id and displays relevant content.

 

i was wondering if i could get the id or post rather through a re-direct on log in?

 

for example user logs in with username and password,

 

user is re-directed to the view page like this:

 

header( "refresh:5;url=view00=id.php " );

echo '<h1>You will be re-directed in 5 seconds...</h1>';

 

user is taken to view page where they can edit bits on it.

 

So far though i'm getting page not found error? first of all is this possible? if not whats the correct way/better way?

 

Thanks

Link to comment
Share on other sites

just an update:

 

changed things around to look like this

 

header( "refresh:5;url=view00.php?id=$row'id' " );
echo $row['id'];
echo '<h1>You will be re-directed in 5 seconds...</h1>';

 

i'm getting this in the browser:  www.website.com/view00.php?id=Array'id'

 

where it should be for example: www.website.com/view00.php?id=51

 

 

where 51 is the id of the listing in the db table, any idea's guys??

 

Thank you

Link to comment
Share on other sites

I thought i'd best post the full code. If you need any more please ask.

 

<?PHP
session_start();
include ('php only scripts/db.php');
/* set some validation variables */
$error_message = "";
/* =============================================== */
/*this section of code will set up an error message for the
username if ANY of the conditions occur	
1) checks to see if $_POST['username'] is NOT set	
2) if length of username is less than 5	
3) if username has anything other than letter, numbers or underscores
*/
if((!isset($_POST['username'])) || (strlen(trim($_POST['username'])) <5) || (trim($_POST['username']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['username'])))) {	
/* if username is bad start building the error message */	
$error_message = "You must enter a valid username<br>";	
$error_message = $error_message . "Valid names  are min 5 characters and use letters, numbers and underscores only.<br>";	
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['username'] . "</font><hr>";
}else{
$username = mysql_real_escape_string(trim($_POST['username']));
}
/* END validating username */
/* =============================================== */

/* =============================================== */
/*this section of code will set up an error message for the password if ANY of the conditions occur	
1) checks to see if $_POST['password'] is NOT set	
2) if length of password is less than 5	
3) if password has anything other than letter, numbers or underscores
*/
if((!isset($_POST['password'])) || (strlen(trim($_POST['password'])) <5) || (trim($_POST['password']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['password'])))){
/* if it is NOT set, then set the error variable and start building the error message */	
$error_message = $error_message . "You must enter a valid password<br>";	
$error_message = $error_message . "Valid passwords are min 5 characters and use letters, numbers and underscores only.<br>";	
$error_message = $error_message . 'Your invalid password was: <font color="red">' . $_POST['password'] . "</font><hr>";
}else{
$password = trim($_POST['password']);
}
/* END validating password *//* =============================================== */
/* =============================================== */

/* if any of the post variables are invalid */
/* set the session variable and send back to the form page */
if(strlen(trim($error_message))>0) {	
$_SESSION['error_message'] =$error_message;	
header("Location: login00.php");	
exit();
}
/* =============================================== */
/* =============================================== */
/* FUNCTION TO CREATE SALT */
function createSalt(){
$string = md5(uniqid(rand(), true));
return substr($string, 0, 3);
}

/* check to see if username is in the table if not send back to login*/
$query01 = "SELECT id, salt FROM companies WHERE username = '$username'";
$result01 = mysql_query($query01)  or die(mysql_error());
if(mysql_num_rows($result01) != 1) {	
header("Location: login00.php");	
exit();
}
$row = mysql_fetch_array($result01);
$salt = $row['salt'];
$password = trim($_POST['password']);
$hash = hash('sha256', $salt, $password);
$query02 = "SELECT id FROM companies WHERE username = '$username' AND password = '$hash'";
$result02 = mysql_query($query02)  or die(mysql_error());
if(mysql_num_rows($result02) !=1){ 
/* not found send back to login */	
header("Location: login00.php");	
exit();
}

/* =============================================== */
/* success!!! send them where you want */

header( "refresh:5;url=view00.php?id=echo $row'id' " );

echo '<h1>You will be re-directed in 5 seconds...</h1>';

?>

 

 

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.