Looking for guidance

[jukie]

Hi I'm a beginner in PHP, anyway i'm designing a website with membership, and I've created a register form and also a login, I can login and have used sessions so I can recall the username and create individual pages for each user. My next challenge is I want every user to have their own personal details stored on their individual page, the details are stored in a  another database. My question Is how to link the sessions of the users to personal databases which are created in MySQL

let me explain more.

 

the user logged in

welcome page the session will be called

load up personal details from a  second database

 

Now I would need to link up another database to the members database using their ID key

 

Members

ID -Primary Key

 

The second Database

stuff will be inserted in this

this will have to link up to the members database

 

Now I'm not looking for an answer from you on how to do this, just recommend on what tutorials I should be following, and where to find more details on doing this.

 

 

[cpd]

MySQL is a Relational Database Management System. From what you've described you should have only created 1 database with different tables; not multiple databases. It's essential you get your database correct before starting your application as it sets the building blocks. 

 

One question: if you're new to PHP but have managed to create a login script, why can't you continue researching to find out how to manage authenticated users within a website?

[jukie]

MySQL is a Relational Database Management System. From what you've described you should have only created 1 database with different tables; not multiple databases. It's essential you get your database correct before starting your application as it sets the building blocks. 

 

One question: if you're new to PHP but have managed to create a login script, why can't you continue researching to find out how to manage authenticated users within a website?

Thanks for replying, yeah I got my words wrong, I have created 3 tables in one database and want to use the three tables on the individual page. I came on here just to point me in the right away as there is thousands of articles and I wasn't sure what to look for, I was stuck on keyword for google to search the right tutorials.

[cpd]

Assuming you have a "user" table. Store their personal details in that, e.g. email.

• When a user logs in, set a session with their user ID that will be used to authorise the user when they try to access a restricted page.
• When the user makes a request for a restricted page, e.g. their details page, verify they're logged in by testing for the session(s) you set when/if they logged in.
  • If they are logged in, retrieve the user details from the database and output them however you like.
  • If they aren't logged in, redirect them to the login page.

A login mechanism requires state and state is brought to the web using sessions and cookies.

 

Follow the above relatively generalised method for all pages you want to restrict access to.

 

You can google "login system php", "authentication system php" or anything along those lines to find out how its done.

[jukie]

Assuming you have a "user" table. Store their personal details in that, e.g. email.

• When a user logs in, set a session with their user ID that will be used to authorise the user when they try to access a restricted page.
• When the user makes a request for a restricted page, e.g. their details page, verify they're logged in by testing for the session(s) you set when/if they logged in.
  • If they are logged in, retrieve the user details from the database and output them however you like.
  • If they aren't logged in, redirect them to the login page.

A login mechanism requires state and state is brought to the web using sessions and cookies.

 

Follow the above relatively generalised method for all pages you want to restrict access to.

 

You can google "login system php", "authentication system php" or anything along those lines to find out how its done.

Thanks for explaining how the process works. At the moment I am using the username in the Session, should I be using the id of the profile in the session? As the ID of the user is linked to another table with information that needs to be displayed.

[cpd]

If the username is unique you can use either. That said, if you want to use the ID to retrieve data without having to query the "user" table then yes, using the ID would be better. 

 

You just need to ensure your storing a uniquely identifying piece of data for that user.

[jukie]

I have two tables, the first table primary key is UserID , in my second table I have UserID so struggling to link these up

 

User ID (Primary Key)

First Name

Email

Username

Password

 

Table 2 (User Comments)

ID (Primary key)

Name

Comment

User ID   (Foreign key)

 

Now I can login with different usernames and a passwords and when I post a comment, Table 2 User ID remains blank, instead of being filled with the User ID from table 1 (whoever the user is)

 

This is my query in the php web page (second table)

 

$selected = mysql_select_db("gotmembers", $connection)
or die ("could not connect to mycomments");
      
       $Name = $_POST['Name'];
       $Comment= $_POST['Comment'];
     
      
       $query = "INSERT INTO mycomments ( Name, Comment, )
       VALUES ('$Name', '$Comment')";
       $sucess = mysql_query($query);
      
       if ($sucess) echo '<script type="text/javascript">window.location.href="sucess.php";</script>'
          
 how do I insert the UserID of the user into this query.

Edited June 9, 2013 by jukie

[cpd]

Your database doesn't really make sense. If you have a `user_id` field in the database, don't have a `name` field as well. You should retrieve the name from the `user` table, when you need to display the messages, using a JOIN. If a user is logged in, I usually store their ID as session data to easily retrieve their details. In this case you can just use that ID in your query as the user logged in is the one posting a new message.

 

You shouldn't be redirecting by echoing out a bit of javascript either. Use header("Location: success.php") instead.

[jukie]

The name is nothing to do with the user id (the name is the headline for the comment). Thanks for the tips, my session id is the username and not the ID and the username are not unique so maybe I should make the username unique.

[jukie]

Thanks CDP, I got it working now   Just changed it to unique username instead of User ID. Just made more sense to me. Just need to work on my css skills for pretty tables.

[jukie]

I would rather use User Id as it will be much easier then asking users for unique usernames. But how would I collect the id number of the user, i'm collecting the username from the login process. Do you understand my question as i'm not good at explaining myself.

[cpd]

Yes. If you're going to authenticate a user with a username, you need to make it unique else two users could in theory login with each others credentials. When you query the database for the user, select the user ID and store it in as a session variable as you are with the username.