Jump to content

user authentication -- displaying info based on login

atticus

By atticus
in PHP Coding Help

 Share

Recommended Posts

atticus Regular Member

atticus

Posted
Posted

I would like to display the database info based on the user's login.  I am getting the following error:

 

Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or `T_NUM_STRING'

 

Code:

$sql = "SELECT $_GET['user_id'] FROM table_auth_user";
$query = mysql_query($sql);
while($row = mysql_fetch_array($query)) {
echo "".$row['user_id']."";
echo "<br /></div>";
}

 

 

nuxy Member

nuxy

Posted
Posted

oops:

 

error on above query:

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in .././..//

Why would the "user_id" ever we an value such as that, shouldn't it only be numerical?

Please post the full script.

atticus Regular Member

atticus

Posted
  • Author
Posted

database structure:

 

field: user_id varchar(primary)

field: password char

<?php
session_start();

// is the one accessing this page logged in or not?
if (!isset($_SESSION['db_is_logged_in']) 
   || $_SESSION['db_is_logged_in'] !== true) {

   // not logged in, move to login page
   header('Location: login.php');
   exit;
}

?>

<?php

include("config.php");
$sql = "SELECT " . $_GET['user_id'] . " FROM table_auth_user";
$query = mysql_query($sql);
while($row = mysql_fetch_array($query)) {
echo "".$row['user_id']."";
echo "<br /></div>";
}


?>

nuxy Member

nuxy

Posted
Posted

Firstly, clean your input variables, and then process them.

Still, you did not answer my question, why it the user_id referring to an directory/file?

 

<?php
session_start();

// is the one accessing this page logged in or not?
if (!isset($_SESSION['db_is_logged_in']) 
   || $_SESSION['db_is_logged_in'] !== true) {

   // not logged in, move to login page
   header('Location: login.php');
   exit;
}

include("config.php");
$user_id = mysql_real_escape_chars(htmlspecialchars($_GET['user_id']));
$sql = "SELECT " . $user_id . " FROM table_auth_user";
$query = mysql_query($sql);
while($row = mysql_fetch_array($query)) {
echo "".$row['user_id']."";
echo "<br /></div>";
}

?>

atticus Regular Member

atticus

Posted
  • Author
Posted

I could have named user_id, user_name;

 

I have two tables...one table contains the user authentication and the other one contains file info. 

 

Both tables contain the field user_id

 

When the admin uploads a file, she has the option to select a user from a drop down menu. 

 

When that user logs in, the user will only be able to see the files associated with their name

 

I don't understand how to display just that user's info based on their login.  Do you need to see the login page?

 

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.