ShootingBlanks Posted August 17, 2007 Share Posted August 17, 2007 Hello. Sorry if this is easy, but I'm drawing a blank here... I have a simple login form. Two fields - username/password. I have a database table ("users") with user_id, username, pwd. I have the login form working as far as either logging you in if you're int he database, or else directing you to an error page if you're not in the database. But what I want to do is this... ...have it so that it somehow remembers the "user_id" throughout your browsing session. Because I need that user_id to be used in other sections of the site after you log in. Specifically, when you log in you are able to post text in fields of another database table ("documents"). I want to keep track of which users are populating the "documents" table, so if I could capture their user ID (from when they first logged in) whenever they submit a post, it would automatically put their "user_id" from the initial logon screen into the "user_id" field of the "documents" table that they're populating. I assume this entails somehow using a hidden field for "user_id" on both the logon screen and the posting screen, but I'm not sure how to go about this. Any help would be greatly appreciated. Thanks!!!... Quote Link to comment Share on other sites More sharing options...
Barand Posted August 17, 2007 Share Posted August 17, 2007 Use session data On valid login, store the user id in a session variable, with $_SESSION['user_id'] = $user_id. On other pages you can then reference $_SESSION['user_id'] to get the user. You must use session_start() at the top of every script where you want to use $_SESSION. Quote Link to comment Share on other sites More sharing options...
ShootingBlanks Posted August 17, 2007 Author Share Posted August 17, 2007 On valid login, store the user id in a session variable, with $_SESSION['user_id'] = $user_id. Where does that $user_id on the right-half of the equation come from? Do I use a hidden field? How would I set that up? Thanks!... Quote Link to comment Share on other sites More sharing options...
Barand Posted August 17, 2007 Share Posted August 17, 2007 I would assume the user enter it, along with a password, when they log in. I only know what you have told us. Knowledge of php is no substitute for clairvoyance. Quote Link to comment Share on other sites More sharing options...
ShootingBlanks Posted August 18, 2007 Author Share Posted August 18, 2007 I would assume the user enter it, along with a password, when they log in. I only know what you have told us. Knowledge of php is no substitute for clairvoyance. Well, that's part of the problem. I'm asking for suggestions of how to capture the user_id from the login form. It's just a primary key, so the user would not enter it (nor would they even KNOW their user_id). If it needs to be captured in a hidden field (which I assume it does), I need help being instructed on how to go about doing that, as that is what I am unfamiliar with... Thanks!... Quote Link to comment Share on other sites More sharing options...
Barand Posted August 18, 2007 Share Posted August 18, 2007 You could do it when you validate the login session_start(); $username = sanitize($_POST['username']); $pwd = md5($_POST['password']); $sql = "SELECT user_id FROM user WHERE username = '$username' AND 'password' = '$pwd'"; $res = mysql_query($sql); if ($row = mysql_fetch_row($res)) { // valid $_SESSION['user_id'] = $row[0]; header("location: index.php"); exit; } else header("location: login.php"); ?> Quote Link to comment Share on other sites More sharing options...
ILYAS415 Posted August 18, 2007 Share Posted August 18, 2007 barand u made a few mistakes in ur code Quote Link to comment Share on other sites More sharing options...
Barand Posted August 18, 2007 Share Posted August 18, 2007 I know I haven't defined sanitize() (not part of what I'm demonstrating) and I left out the connect (theirs is going to different from mine anyway) but what's there should work OK. Quote Link to comment Share on other sites More sharing options...
ILYAS415 Posted August 18, 2007 Share Posted August 18, 2007 no actually.. u made mistakes on... } else header("location: login.php"); and (im not sure of this one but)... exit; Quote Link to comment Share on other sites More sharing options...
Barand Posted August 18, 2007 Share Posted August 18, 2007 Can't see it - you'll need to spell it out for me :/ Quote Link to comment Share on other sites More sharing options...
ILYAS415 Posted August 18, 2007 Share Posted August 18, 2007 the code } else has to be }else{ and... exit; has to be exit(); Quote Link to comment Share on other sites More sharing options...
Barand Posted August 18, 2007 Share Posted August 18, 2007 That's a relief. For a moment I thought you'd found an error. else { // multiple statements } Only need {..} if multiple statements are to be executed on the if or else condition exit("Message"); otherwise exit; with no text works fine Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.