kinetskie25 Posted April 21, 2014 Share Posted April 21, 2014 I am new to PHP coding and I may have a simple problem regarding session handling. I wish yo guys could help.. I made a simple site with user login functions. User login is working good, but there is a problem with the session handling.. What I want is that when the user logs in, the message "Welcome <user's first name here> !", but I don't know how to do that part. here's my index.php: <?php session_start(); include_once('includes/connmng.php'); if (isset($_SESSION['logged_in'])){ ?> <?php $title = "SCIS - Home" ?> <html> <?php include('fragments/head.php'); ?> <body> <div id="wrapper"> <?php include('fragments/header.html'); ?> <hr> <br> <?php include('fragments/loggedin.php'); ?> <hr> <br> <?php include('fragments/nav.html'); ?> <?php include('fragments/frontcontent.php'); ?> <hr> <br> <?php include('fragments/pollsection.php'); ?> <?php include('fragments/frontsciscont.php'); ?> <?php include('fragments/fronttechcont.php'); ?> <br> <hr> <?php include('fragments/footer.html'); ?> </div> <!--wrapper --> </body> <?php include('fragments/scripts.html'); ?> </html> <?php }else{ if(isset($_POST['username'], $_POST['password'])){ $username = $_POST['username']; $password = md5($_POST['password']); if(empty($username) or empty($password)){ $error = 'All fields required!'; }else{ $query = $pdo->prepare("SELECT * FROM users WHERE username = ? AND password = ?"); $query->bindValue(1, $username); $query->bindValue(2, $password); $query->execute(); $num = $query->rowCount(); if($num == 1){ $_SESSION['logged_in'] = true; header('Location: index.php'); exit(); }else{ $error = 'You may have entered a wrong username/password.'; } } } ?> <?php $title = "SCIS - Home" ?> <html> <?php include('fragments/head.php'); ?> <body> <div id="wrapper"> <?php include('fragments/header.html'); ?> <hr> <br> <?php include('fragments/login.php'); ?> <?php if (isset($error)){ ?> <small style="color: #aa0000;"> <?php echo $error; ?> </small> <br/> <br /> <?php } ?> <hr> <br> <?php include('fragments/nav.html'); ?> <?php include('fragments/frontcontent.php'); ?> <hr> <br> <div id="preview"> <div id="center_preview"> <?php include('fragments/pollsection.php'); ?> <?php include('fragments/frontsciscont.php'); ?> <?php include('fragments/fronttechcont.php'); ?> </div> </div> <br> <hr> <?php include('fragments/footer.html'); ?> </div> <!--wrapper --> </body> <?php include('fragments/scripts.html'); ?> </html> <?php } ?> and this is my loggedin.php: <?php include_once('includes/users.php'); $user = new Users; $users = $user->fetch_all(); ?> <?php foreach ($users as $user){ ?> Welcome, <?php echo $user['firstName']?>! <?php } ?> <a href="logout.php"> Logout </a> and here's the users.php class I saw from a tutorial: <?php class Users{ public function fetch_all(){ global $pdo; $query = $pdo->prepare("SELECT * FROM users"); $query->execute(); return $query->fetchAll(); } public function fetch_data($id){ global $pdo; $query = $pdo->prepare("SELECT * FROM user WHERE id = ?"); $query->bindValue(1, $id); $query->execute(); return $query->fetch(); } } ?> as you can see, it will display the user's first name there, but it loops, so it also displays other users' first names. How can I make it only display the first name of the logged in user? *sorry for my bad english* Link to comment https://forums.phpfreaks.com/topic/287908-session-handling-problem/ Share on other sites More sharing options...
denno020 Posted April 21, 2014 Share Posted April 21, 2014 update your SQL so that you only find 1 user. so add a WHERE clause: "WHERE user.username = $username" where user.username refers to the table (user) and the field (username) that should match the provided username ($username) from the user through the login form I notice that you don't actually check credentials, i.e. password.. so you might want to look into that also Link to comment https://forums.phpfreaks.com/topic/287908-session-handling-problem/#findComment-1476831 Share on other sites More sharing options...
davidannis Posted April 21, 2014 Share Posted April 21, 2014 denno020 is right, you need to find data for a single user. Instead of using fetch_all you can use fetch_data which returns the data for a single user. Link to comment https://forums.phpfreaks.com/topic/287908-session-handling-problem/#findComment-1476843 Share on other sites More sharing options...
Psycho Posted April 21, 2014 Share Posted April 21, 2014 I don't see the actual login script. That is where you need to start. You are apparently only checking the value of $_SESSION['logged_in'] to determine if the user is logged in or not. I assume that is a simple Boolean value (i.e. True/false). Instead, you should store the User ID within the Session data. You can then use that for both determining if the user is logged in AND to query additional details about the logged in user if you wish. However, if you plan on using the "Welcome [firstname]" on many of the pages, then you might as well store that in the session data when the user logs in as well. Don't query the database on every page load for the same information if you don't need to. So, in your login script, change it so it stores the user ID and the user's first name in session data. E.g.: $_SESSION['user_id'] and $_SESSION['user_fname'] Then change this in your index.php script if (isset($_SESSION['logged_in'])){ To: if (isset($_SESSION['user_id'])){ Then on the loggedin.php script use something like this Welcome, <?php echo $_SESSION['user_fname']?>! <a href="logout.php"> Logout </a> Link to comment https://forums.phpfreaks.com/topic/287908-session-handling-problem/#findComment-1476848 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.