Jump to content

New to PHP - need help with something that's probably simple?...


ShootingBlanks

Recommended Posts

Hello.  Sorry if this is easy, but I'm drawing a blank here...

 

I have a simple login form.  Two fields - username/password.

 

I have a database table ("users") with user_id, username, pwd.  I have the login form working as far as either logging you in if you're int he database, or else directing you to an error page if you're not in the database.  But what I want to do is this...

 

...have it so that it somehow remembers the "user_id" throughout your browsing session.  Because I need that user_id to be used in other sections of the site after you log in.  Specifically, when you log in you are able to post text in fields of another database table ("documents").  I want to keep track of which users are populating the "documents" table, so if I could capture their user ID (from when they first logged in) whenever they submit a post, it would automatically put their "user_id" from the initial logon screen into the "user_id" field of the "documents" table that they're populating.

 

I assume this entails somehow using a hidden field for "user_id" on both the logon screen and the posting screen, but I'm not sure how to go about this.  Any help would be greatly appreciated.  Thanks!!!...

 

Use session data

 

On valid login, store the user id in a session variable, with

 

$_SESSION['user_id'] = $user_id.

 

On other pages you can then reference $_SESSION['user_id'] to get the user.

 

You must use session_start() at the top of every script where you want to use $_SESSION.

On valid login, store the user id in a session variable, with

 

$_SESSION['user_id'] = $user_id.

 

Where does that $user_id on the right-half of the equation come from?  Do I use a hidden field?  How would I set that up?  Thanks!...

 

I would assume the user enter it, along with a password, when they log in.  I only know what you have told us. Knowledge of php is no substitute for clairvoyance.

Well, that's part of the problem.  I'm asking for suggestions of how to capture the user_id from the login form.  It's just a primary key, so the user would not enter it (nor would they even KNOW their user_id).  If it needs to be captured in a hidden field (which I assume it does), I need help being instructed on how to go about doing that, as that is what I am unfamiliar with...

 

Thanks!...

You could do it when you validate the login

session_start();

$username = sanitize($_POST['username']);
$pwd = md5($_POST['password']);

$sql = "SELECT user_id FROM user
          WHERE username = '$username' AND 'password' = '$pwd'";
$res = mysql_query($sql);
if ($row = mysql_fetch_row($res))
{
      // valid
      $_SESSION['user_id'] = $row[0];
      header("location: index.php");
      exit;
}
else header("location: login.php");
?>

That's a relief. For a moment I thought you'd found an error.

 

else {

    // multiple statements

}

 

Only need {..} if multiple statements are to be executed on the if or else condition

 

exit("Message");

 

otherwise exit; with no text works fine

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.