CloudBreaker Posted July 13, 2015 Share Posted July 13, 2015 (edited) My goal here is to list projects by user once the user is logged in. I have the back end in PHPAdmin set up and the query works fine. I've sort of run into a wall due to my inexperience when it comes to making the query work in the code. I'm thinking it's somehow tied to setting variables relating to the SESSION VARIABLE for the user who has just logged in. You'll see my log-in page first, and in the next block I've posted my page which will list the projects for the user who has logged in. The User page is obviously not finished yet because I know the variables I need will go into the query on line 58, in addition this is my first attempt at relating tables in a query. Thanks, CB <!DOCTYPE html> <?php session_start(); $conn = mysqli_connect("localhost","root","","hsa_project_hub"); ?> <!--Project Hub index--> <html> <head> <title>Project Hub Login</title> <!-- Modernizr allows HTML5 elements to work in older browsers: http://modernizr.com/ --> <script src="js/modernizr.js"></script> </head> <style> img { display: block; margin-left: auto; margin-right: auto; box-shadow: 5px 5px 5px #888888; Float: left position: relative; } #container { background: #F0F0F0; width: 300px; display: block; margin-left: auto; margin-right: auto; border-style: solid; border-width: 1px; } h4 { font-family: "Avant Garde",Avantgarde,"Century Gothic",CenturyGothic,AppleGothic,sans-serif; font-size: 30px; color: #8F0000; float: left; position: relative; left: 70px; font-style:italic; } #copy_right { font-size: 10px; text-align: center; } </style> <body> <div id="container"> <img src="images/hsa-logo.jpg" align="middle" alt=HSA logo> <h4>Project Hub</h4> <!--Start of form--> <form action="index.php" method="post"> <table align="center" bgcolor="#F0F0F0" width="300" > <tr align="center"> </tr> <tr> <td align="right"><strong>Log-in:</strong></td> <td> <input type="text" name="user_loginName" placeholder="Enter your Log-in" required="required"/> </td> </tr> <tr> <td align="right"><strong>Password:</strong></td> <td> <input type="password" name="user_pass" placeholder="Enter your pass"required="required"/> </td> </tr> <tr align="center"> <td colspan="6"> <input type="submit" name="login" value="Login"/> </td> </tr> </table> </form> </div><!--End of Container--> <p id="copy_right">Heitkamp Swift Architects © 2015</p> <?php //Validate log-in and password if(isset($_POST['login'])) { $user_loginName = mysqli_real_escape_string($conn,$_POST['user_loginName']); $user_pass = mysqli_real_escape_string($conn,$_POST['user_pass']); $sel = "select * from hsa_users where user_loginName='$user_loginName' AND user_pass='$user_pass'"; $run = mysqli_query($conn, $sel); $check = mysqli_num_rows($run); if($check==0){ echo "<script>alert('Incorrect Log-in or Password. Try again.')</script>"; exit(); } else { $_SESSION['user_loginName']=$user_loginName; echo "<script>window.open('main.php','_self')</script>"; } } ?> </body> </html> User Page <!DOCTYPE html> <?php session_start(); if(!$_SESSION['user_loginName']){ header("location: index.php"); } else { ?> <!--Project Hub main. Listed projects are dependant upon login permissions--> <html> <head> <title>Project Hub Projects</title> <link href="hsastyle.css" rel="stylesheet"> </head> <body> <div id="main_container"> <p><em>version 1.0 beta</em></p> <div id="banner"> <div id="logo"> <img src="images/hsa-logo.jpg" alt=HSA logo> </div> <H2><em>Project Hub</em></h2> <h5><a href="logout.php">Log Out</a></h5> </div> <!--End Banner--> <h1>PROJECTS:</h1><br> <!--List of projects by user --> <table align="center"> <tr align="center"> <th>Project Name</th> <th>Project (HSA) No.</th> <th>RFI's</th> <th>Submittals</th> </tr> <?php //Getting projects from user session variable $sel = "select * from hsa_users,projects,member_project WHERE projects.id=member_project.project_id AND member_project.user_id=2 AND hsa_users.id=2"; ?> </table> </div> <!--End main container--> <div id="copy_right" <p id="copy_right">Heitkamp Swift Architects © 2015</p> </div> <?php ?> </body> </html> <?php } ?> Edited July 13, 2015 by CloudBreaker Quote Link to comment https://forums.phpfreaks.com/topic/297271-trouble-converting-user-id-into-variable/ Share on other sites More sharing options...
Torrie Posted July 13, 2015 Share Posted July 13, 2015 Nobody has answered, so I think I will jump in and try to help. In your CSS code, you have: font-family: "Avant Garde",Avantgarde,"Century Gothic",CenturyGothic,AppleGothic,sans-serif; Simply switch "Avantgarde" with "CenturyGothic" like this: font-family: "Avant Garde",CenturyGothic,"Century Gothic",Avantgarde,AppleGothic,sans-serif; Then your code should work. Quote Link to comment https://forums.phpfreaks.com/topic/297271-trouble-converting-user-id-into-variable/#findComment-1516182 Share on other sites More sharing options...
mac_gyver Posted July 13, 2015 Share Posted July 13, 2015 when the user logs in, retrieve the user id from the database table and store it in a session variable - $_SESSION['user_id'] = $row['whatever_your_id_column_name_is']; // assuming that you have executed a database fetch statement and assigned the row to $row then, just use $_SESSION['user_id'] at the point where you need to reference the currently logged in user's id. Quote Link to comment https://forums.phpfreaks.com/topic/297271-trouble-converting-user-id-into-variable/#findComment-1516184 Share on other sites More sharing options...
CloudBreaker Posted July 14, 2015 Author Share Posted July 14, 2015 (edited) Thanks mac_gyver. I'm still having some issues...I've set the session variables that I need, but for some reason, on the next page the only variable that is carried through is the 'user_loginName' variable. When the login in directed to main.php line 43 successfully echos the "user_loginName" while line 15 and 16 returns an "undefined index" error. I don't understand why the "id" and the "user_firstName" variables are not echoing or not passing through to page for that matter. thanks CB index.php (the log-in page) <?php //Validate log-in and password if(isset($_POST['login'])) { $user_loginName = mysqli_real_escape_string($conn,$_POST['user_loginName']); $user_pass = mysqli_real_escape_string($conn,$_POST['user_pass']); $id = ($conn['id']); $user_firstName = ($conn['user_firstName']); $sel = "select * from hsa_users where user_loginName='$user_loginName' AND user_pass='$user_pass' AND id='$id' AND user_firstName='$user_firstName'"; $run = mysqli_query($conn, $sel); $check = mysqli_num_rows($run); if($check==0){ echo "<script>alert('Incorrect Log-in or Password. Try again.')</script>"; exit(); } else { $_SESSION['user_loginName']=$user_loginName; $_SESSION['id']=$id; $_SESSION['user_firstName']=$user_firstName; echo "<script>window.open('main.php','_self')</script>"; } } ?> main.php <!DOCTYPE html> <?php session_start(); if(!$_SESSION['user_loginName']){ header("location: index.php"); } else { ?> <?php // Echo session variables that were set on previous page echo " The ID is " . $_SESSION["id"] . ".<br>"; echo "The First Name is " . $_SESSION["user_firstName"] . "."; ?> <!--Project Hub main. Listed projects are dependant upon login permissions--> <html> <head> <title>Project Hub Projects</title> <link href="hsastyle.css" rel="stylesheet"> </head> <body> <div id="main_container"> <p><em>version 1.0 beta</em></p> <div id="banner"> <div id="logo"> <img src="images/hsa-logo.jpg" alt=HSA logo> </div> <H2><em>Project Hub</em></h2> <h5><a href="logout.php">Log Out</a></h5> <H6>Welcome <?php echo $_SESSION['user_loginName'];?> </div> <!--End Banner--> Edited July 14, 2015 by CloudBreaker Quote Link to comment https://forums.phpfreaks.com/topic/297271-trouble-converting-user-id-into-variable/#findComment-1516279 Share on other sites More sharing options...
scootstah Posted July 14, 2015 Share Posted July 14, 2015 You need to call session_start() before any output. Quote Link to comment https://forums.phpfreaks.com/topic/297271-trouble-converting-user-id-into-variable/#findComment-1516280 Share on other sites More sharing options...
CloudBreaker Posted July 14, 2015 Author Share Posted July 14, 2015 I did call session_start() at the top of the index.php page...I'm just not showing it. You can see in on my very first post before my previous edit. thanks. Quote Link to comment https://forums.phpfreaks.com/topic/297271-trouble-converting-user-id-into-variable/#findComment-1516285 Share on other sites More sharing options...
Ch0cu3r Posted July 14, 2015 Share Posted July 14, 2015 In the code you posted you are calling session_start() after the opening <DOCTYPE html> tag. This is wrong, it needs to be called before that line. Anything that is outside of the php tags is classed as output. This is what scootstah meant by his post. You should rearrange your code in your scripts so all processing is done before you begin to output any HTML. Eg your code should be layout like Eg <?php session_start(); // process the login here ?> then you output your html here Quote Link to comment https://forums.phpfreaks.com/topic/297271-trouble-converting-user-id-into-variable/#findComment-1516294 Share on other sites More sharing options...
CloudBreaker Posted July 14, 2015 Author Share Posted July 14, 2015 Thanks Ch0cu3r. Quote Link to comment https://forums.phpfreaks.com/topic/297271-trouble-converting-user-id-into-variable/#findComment-1516319 Share on other sites More sharing options...
Solution mac_gyver Posted July 14, 2015 Solution Share Posted July 14, 2015 $id = ($conn['id']); $user_firstName = ($conn['user_firstName']); ^^^ you may be setting session variables using the result from the above two lines of code, but they are not the values that you think they are. $conn in those two lines of code is your database connection. both of those lines of code should be throwing php errors, because there is no id or user_firstName values having anything to do with $conn. in order to retrieve the row from your database table, you need to execute a mysqli_fetch_assoc() statement. and in looking at the sql query statement, you have now added some conditions in it that will never be true. your login should always be failing. you are also (apparently) storing passwords in your database table in plain text. this is not safe as it will allow anyone that gains access to your data to have the raw passwords. php has password_hash() and password_verify() functions that you should be using. there are examples of how to use them in the php.net documentation. Quote Link to comment https://forums.phpfreaks.com/topic/297271-trouble-converting-user-id-into-variable/#findComment-1516327 Share on other sites More sharing options...
CloudBreaker Posted July 14, 2015 Author Share Posted July 14, 2015 ^^^ you may be setting session variables using the result from the above two lines of code, but they are not the values that you think they are. I was setting them with the POST variables taken from the user input. The only error I'm receiving is an unassigned index error after I log in...everything else is functioning as expected up to this point in the code minus the these to variables not carrying over. I now realize I have to treat this separately with the correct syntax with a a mysqli_fetch_assoc() statement as you mentioned . Maybe I just should assign these two session variables on the main page instead of the log-in page. I plan on hashing the passwords after I get everything working smoothly...currently I'm doing all this locally. thanks again all $user_loginName = mysqli_real_escape_string($conn,$_POST['user_loginName']); $user_pass = mysqli_real_escape_string($conn,$_POST['user_pass']); Quote Link to comment https://forums.phpfreaks.com/topic/297271-trouble-converting-user-id-into-variable/#findComment-1516341 Share on other sites More sharing options...
CloudBreaker Posted July 15, 2015 Author Share Posted July 15, 2015 Got it with staff_alumni's suggestion...thanks all. On to the next road bump. Quote Link to comment https://forums.phpfreaks.com/topic/297271-trouble-converting-user-id-into-variable/#findComment-1516379 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.