atticus Posted November 12, 2007 Share Posted November 12, 2007 When user logs in, needs to be redirected to customized page for that user login.php: session_start(); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { include 'config.php'; $userId = $_POST['txtUserId']; $password = $_POST['txtPassword']; // check if the user id and password combination exist in database $sql = "SELECT user_id FROM tbl_auth_user WHERE user_id = '$userId' AND user_password = PASSWORD('$password')"; $result = mysql_query($sql) or die('Query failed. ' . mysql_error()); if (mysql_num_rows($result) == 1) { // the user id and password match, // set the session $_SESSION['db_is_logged_in'] = true; // after login we move to the main page header('Location: index.php'); exit; } else { Session on index page: <?php session_start(); // is the one accessing this page logged in or not? if (!isset($_SESSION['db_is_logged_in']) || $_SESSION['db_is_logged_in'] !== true) { // not logged in, move to login page header('Location: login.php'); exit; } ?> This is the echo: <?php include("config.php"); $sql = "SELECT {$_GET['user_id']} FROM table_auth_user"; $query = mysql_query($sql); while($row = mysql_fetch_array($query)) { echo "".$row['user_id'].""; echo "<br /></div>"; } ?> error message: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in Quote Link to comment Share on other sites More sharing options...
Psycho Posted November 12, 2007 Share Posted November 12, 2007 First - always use CODE tags int he forum! I didn't look through all of your code for possible errors, but I see the cause of yur error message. Your SQL statement is totally wrong, plus you should always add an event handler to catch such an error. Here is the right format for the query. <?php $sql = "SELECT * FROM table_auth_user where user_id = '{$_GET['user_id']}'"; $query = mysql_query($sql) of die (mysql_error()); while($row = mysql_fetch_array($query)) { echo "".$row['user_id'].""; echo "<br /></div>"; } ?> Quote Link to comment Share on other sites More sharing options...
atticus Posted November 12, 2007 Author Share Posted November 12, 2007 thanks...however I am getting a syntax error: line: $query = mysql_query($sql) of die (mysql_error()); nevermind...found the error: of needs to be or Quote Link to comment Share on other sites More sharing options...
atticus Posted November 12, 2007 Author Share Posted November 12, 2007 I am not getting any more errors but echo still doesn't work. Quote Link to comment Share on other sites More sharing options...
Mr P!nk Posted November 12, 2007 Share Posted November 12, 2007 you haven't closed this if if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { or this else // after login we move to the main page header('Location: index.php'); exit; } else { Quote Link to comment Share on other sites More sharing options...
atticus Posted November 12, 2007 Author Share Posted November 12, 2007 there was more code at bottom where it was closed Quote Link to comment Share on other sites More sharing options...
revraz Posted November 12, 2007 Share Posted November 12, 2007 You still didn't close the first IF { Also, you are calling SESSION_START (); twice, once at the beginning of the script, then a 2nd time on the 2nd IF Else statement. Quote Link to comment Share on other sites More sharing options...
Mr P!nk Posted November 12, 2007 Share Posted November 12, 2007 also when i connect to the db and call a while i do something like this <?php include("config.php"); $sql = "SELECT * FROM table_auth_user where user_id = '{$_GET['user_id']}'"; $query = mysql_query($sql) or die (mysql_error()); $result = mysql_fetch_array($query); // get teh result here while($result = mysql_fetch_array($query)) // then call it here { echo "{$result['user_id']}"; } echo "<br /></div>"; ?> give that a try maybe? Quote Link to comment Share on other sites More sharing options...
atticus Posted November 12, 2007 Author Share Posted November 12, 2007 It is still not displaying the info. Quote Link to comment Share on other sites More sharing options...
Psycho Posted November 12, 2007 Share Posted November 12, 2007 Have you verified that there is a value in $_GET['user_id'] and that there are records associated with that value in your table? That is the simple type of debuging that you should be doing before asking for help. I do see another problem. You are returning the results of the query to the variable $query. Then you get the first record and assign to $result. Then before you do anything with that record you create a while loop to get the next record! Since I am assuming there is only one record associated with a particular user_id, that while loop is false and never runs. I have modified your code below: <?php include("config.php"); $sql = "SELECT * FROM table_auth_user where user_id = '{$_GET['user_id']}'"; //ADD THIS LINE FOR DEBUGGING PURPOSES echo "Query: $sql<br>"; $query = mysql_query($sql) or die (mysql_error()); if (mysql_num_rows($query)==0) { echo "No results returned."; } else { //Since I am assuming you are returning one record you don't need the while loop $result = mysql_fetch_array($query); // get teh result here echo "{$result['user_id']}"; } ?> If you get an appropriate result remove/comment out the debugging line. If not, check the query that is echo'd to the page and verify there is an ID. If it's not there figure out why. If it is there check the table to ensure there is a record for that value in the table. Also, is 'user_id' the correct name for that column in te table? Is the table name correct? Quote Link to comment Share on other sites More sharing options...
holladb Posted November 12, 2007 Share Posted November 12, 2007 Atticus, it doesn't look like the session was even defined properly.... Why are you using Get variables rather than Post variables or Sessions? Using get isn't wise on user systems... I would suggest defining their username or ID when you start the session... On your echo page you are defining the echo statement as whats being called on in MySQL... try another row like $row['name'] or something to see if it shows up. Quote Link to comment Share on other sites More sharing options...
atticus Posted November 12, 2007 Author Share Posted November 12, 2007 You guys are both correct, if you haven't noticed, I am very new to PHP and server scripting in general. I took your advice and dropped the $_GET and used $_SESSION. I am still using the while loop because it simply works like a catalog, only the "products" are delivered based on the user name which acts like a categories field. I don't know if this is the best solution, it just happens to be the only solution I have come up with so far: Added to login.php $_SESSION['user_id'] = $userId; I changed my query to this... $sql = "SELECT * FROM cust where cust_id = '{$_SESSION['user_id']}'"; I would like to know the best/standard way to accomplish this and drop while loop. Thanks for the advice on debugging, that is what helped me solve this issue Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.