Jump to content

php session / search database


Darhkwing

Recommended Posts

Hello everyone.

 

I wonder if someone can help? I'm more of a beginner of php. I am using some code to have a user log in to the system.

 

However, i then want that logged in user to have a table displayed , from another mysql database (only display the table where his name is attached).

 

I am however struggling to do this.

 

What i want to do, is use the session name - ie "John" to then search the other database and only show the lines related to that name. I have made the code red further down.

 

I have a '$_SESSION['name']' inserted which doesn't work and to be honest i tried a few other things in it's place. Any ideas?

<?php

session_name('LoginForm');
@session_start();

error_reporting(0);
include("config.php");

?>
<!DOCTYPE html>
<!--[if lt IE 7]>      <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
<!--[if IE 7]>         <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
<!--[if IE 8]>         <html class="no-js lt-ie9"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js"> <!--<![endif]-->
    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <title>Login Form</title>
        <meta name="description" content="">
        <meta name="viewport" content="width=device-width, initial-scale=1">

        <!-- Place favicon.ico and apple-touch-icon.png in the root directory -->

        <link rel="stylesheet" href="css/main.css">
        <link href='http://fonts.googleapis.com/css?family=Roboto:400,300,500' rel='stylesheet' type='text/css'>
        <link href="//netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css" rel="stylesheet">
        <script src="js/jquery-1.8.2.min.js"></script>
        <script src="js/jquery.validate.min.js"></script>
        <script src="js/main.js"></script>
    </head>
    <body>
<?php
	$error = '';
	if(isset($_POST['is_login'])){
		$sql = "SELECT * FROM ".$SETTINGS["USERS"]." WHERE `email` = '".mysql_real_escape_string($_POST['email'])."' AND `password` = '".mysql_real_escape_string($_POST['password'])."'";
		$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
		$user = mysql_fetch_assoc($sql_result);
		if(!empty($user)){
			$_SESSION['user_info'] = $user;
			$query = " UPDATE ".$SETTINGS["USERS"]." SET last_login = NOW() WHERE id=".$user['id'];
			mysql_query ($query, $connection ) or die ('request "Could not execute SQL query" '.$query);
		}
		else{
			$error = 'Wrong email or password.';
		}
	}
	
	if(isset($_GET['ac']) && $_GET['ac'] == 'logout'){
		$_SESSION['user_info'] = null;
		unset($_SESSION['user_info']);
	}
?>
	<?php if(isset($_SESSION['user_info']) && is_array($_SESSION['user_info'])) { ?>

	    <form id="login-form" class="login-form" name="form1">

	        <div id="form-content">
	            <div class="welcome">
					<?php echo $_SESSION['user_info']['name']  ?>, you are logged in. 
                    <br /><br />
                    <?php echo $_SESSION['user_info']['content']  ?>
                    <br /><br />
                    <a href="index.php?ac=logout" style="color:#3ec038">Logout</a>
				</div>	
	        </div>
	
	    </form>
        
<?
//make the connection
// SETUP DATABASE
$dbhost = 'localhost';
$dbuser = 'ojmjfdxf_admin';
$dbpass = 'mypassword';
$dbname = 'ojmjfdxf_travelclaim';

// OPEN
$conn = mysql_connect($dbhost, $dbuser, $dbpass)or  die('Error connecting to database');
mysql_select_db($dbname);
$sql = "SELECT * FROM tbl_travelclaim WHERE fld_user='$_SESSION['name']';


$records=mysql_query($sql);

?>

<html>

<head>
<title>Travel Claims</title>
</head>

<body>
<center>
<table width="1000" border="1" cellpadding="1" cellspacing="2">

<tr>

<th>Date</th>
<th>Purpose of Journey</th>
<th>Departure</th>
<th>Destination</th>

<tr>

<?php

while($employee=mysql_fetch_assoc($records)) {

	echo "<tr>";

	
	echo "<td>".$employee['fld_date']."</td>";
	
	echo "<td>".$employee['fld_purpose']."</td>";
	
	echo "<td>".$employee['fld_departure']."</td>";
	
	echo "<td>".$employee['fld_destination']."</td>";
	

	
	echo "</tr>";
	
	}//end while

?>

</table>
</center>
</body>
</html>
<html>
<body>

</body>
</html>
	<?php } else { ?>
	    <form id="login-form" class="login-form" name="form1" method="post" action="index.php">
	    	<input type="hidden" name="is_login" value="1">
	        <div class="h1">Login Form</div>
	        <div id="form-content">
	            <div class="group">
	                <label for="email">Email</label>
	                <div><input id="email" name="email" class="form-control required" type="email" placeholder="Email"></div>
	            </div>
	           <div class="group">
	                <label for="name">Password</label>
	                <div><input id="password" name="password" class="form-control required" type="password" placeholder="Password"></div>
	            </div>
	            <?php if($error) { ?>
	                <em>
						<label class="err" for="password" generated="true" style="display: block;"><?php echo $error ?></label>
					</em>
				<?php } ?>
	            <div class="group submit">
	                <label class="empty"></label>
	                <div><input name="submit" type="submit" value="Submit"/></div>
	            </div>
	        </div>
	        <div id="form-loading" class="hide"><i class="fa fa-circle-o-notch fa-spin"></i></div>
	    </form>
	<?php } ?>   
    </body>
</html>

Link to comment
Share on other sites

Why the @ on the session_start?

 

Why are you turning error checking OFF? Don't you want it on since you are having problems? (See my signature)

 

You are missing a " on one of your queries.

 

For future thought - please try and keep your html code separate from your php code (and JS too!). Separate your business logic from your presentation code. Makes it easier to follow, easier to write and maintain and far easier to understand. Your broken up html code is producing multiple html, head and body tags. I have no idea what they will do to your browser, but clearly you have to organize it better. Learn to use php vars embedded into your html so that you can put it all together after getting your data values. That is part of the beauty of using php and html - they blend together so that you can easily insert your data exactly where it needs to go simply by outputting the var when you finally output the html. Personally, I use a function that displays my entire web page. That places most of my static html in one place, while I generate the data-laden html in my php portion and just drop the resulting var into place. Then I call that function to output everything.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.