Jump to content

creating profile

runnerjp

By runnerjp
in PHP Coding Help

 Share

Recommended Posts

runnerjp Advanced Member

runnerjp

Posted
Posted

hey guys

 

im just wondering what is the best way to set up  users profile....

 

would i get them to make it the 1st time they sign in assigning them a name for there profile there or use there login name to creat the profile? if so how can i make it so the users information can be set up in there own folder or will this be messy stuff and is there a better way of doing it?

 

Link to comment
Share on other sites
cha0sriderx Member

cha0sriderx

Posted
Posted

on my site i have my profiles in the same mysql table as the login info.  if you are making a login system you need to use sessions so you can just use the sessions id that you have the username under to get the profile data from the database. 

 

also you can do it this way..

profile.php?user=(some name) - will load the profile of another user

profile.php - will load their profile.

Link to comment
Share on other sites
runnerjp Advanced Member

runnerjp

Posted
  • Author
Posted

ok followed it and did this

members.php

<?php
require ( 'http://websitename.com/lib/connect.php' );
  // connect to db

  $sql = "SELECT ID, username FROM users";
  if ($result = mysql_query($sql)) {
    if (mysql_num_rows($result)) {
      while ($row = mysql_fetch_assoc($result)) {
        echo "<a href='profile.php?id={$row['ID']}'>{$row['username']}</a><br />";
      }
    }
  }


?>

 

and

profile.php

<?php
require ( 'http://www.websitename.com/lib/connect.php' );
  // connect to db

  if (isset($_GET['ID'])) {
    $id = mysql_real_escape_string($_GET['ID']);
    $sql = "SELECT id, username FROM users WHERE memberID = '$ID' LIMIT 1";
    if ($result = mysql_query($sql)) {
      if (mysql_num_rows($result)) {
        $row = mysql_fetch_assoc($result);
        echo $row['ID'].'<br />';
        echo $row['username'].'<br />';
      
      }
    }
  }

?>

but its just showing a blank page ... should it not echo id and username?

 

also should i not just be able to type in www.mywebiste.com/members/user    and have there profile come up :P

 

(just to let u know that lib/connect.php is just 

<?php $dbhost = 'localhost';
$dbuser = 'usrname';
$dbpass = 'password';

$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die                      ('Error connecting to mysql'); ?>

Link to comment
Share on other sites
runnerjp Advanced Member

runnerjp

Posted
  • Author
Posted 

<?php
session_start(); 
include("http://www.runningprofile.com/lib/connect.php");
include("http://www.runningprofile.com/login.php");
include("http://www.runningprofile.com/functions.php");
mait();
$query="SELECT * FROM users WHERE ID = '$ID' LIMIT 1"; 
$result=mysql_query($query); 
while($array=mysql_fetch_assoc($result)){
$user=$array['username'];
$email=$array['email'];
?>

//Connect to Database
<? 
    echo "Welcome " .  $username . "<br>";    
    echo "Your registered email is " .  $email . "<br>";
    
?>

 

thought something like that would do it but ll i get is Parse error: syntax error, unexpected $end in /home/runningp/public_html/members/profile.php on line 20

 

and i dont think this way will work

Link to comment
Share on other sites
runnerjp Advanced Member

runnerjp

Posted
  • Author
Posted

connect is just to get to db and functions are here

 

<?php
// ------------------------------------------------------------------------

/**
 * checkLogin
 *
 * Applies restrictions to visitors based on membership and level access
 * Also handles cookie based "remember me" feature
 *
 * @access	public
 * @param	string
 * @return	bool TRUE/FALSE
 */


function checkLogin ( $levels )
{
	session_start ();
	global $db;
	$kt = split ( ' ', $levels );

	if ( ! $_SESSION['logged_in'] ) {

		$access = FALSE;

		if ( isset ( $_COOKIE['cookie_id'] ) ) {//if we have a cookie

			$query =  'SELECT * FROM ' . DBPREFIX . 'users WHERE ID = ' . $db->qstr ( $_COOKIE['cookie_id'] );

			if ( $db->RecordCount ( $query ) == 1 ) {//only one user can match that query
				$row = $db->getRow ( $query );

				//let's see if we pass the validation, no monkey business
				if ( $_COOKIE['authenticate'] == md5 ( getIP () . $row->Password . $_SERVER['USER_AGENT'] ) ) {
					//we set the sessions so we don't repeat this step over and over again
					$_SESSION['user_id'] = $row->ID;				
					$_SESSION['logged_in'] = TRUE;

					//now we check the level access, we might not have the permission
					if ( in_array ( get_level_access ( $_SESSION['user_id'] ), $kt ) ) {
						//we do?! horray!
						$access = TRUE;
					}
				}
			}
		}
	}
	else {			
		$access = FALSE;

		if ( in_array ( get_level_access ( $_SESSION['user_id'] ), $kt ) ) {
			$access = TRUE;
		}
	}

	if ( $access == FALSE ) {
		header('Location: http://runningprofiles.com/members/index.php');
	}		
}

// ------------------------------------------------------------------------

/**
 * get_level_access
 *
 * Returns the level access of a given user
 *
 * @param	string
 * @access	public
 * @return 	string
 */

function get_level_access ( $user_id )
{
	global $db;
	$row = $db->getRow ( 'SELECT Level_access FROM ' . DBPREFIX . 'users WHERE ID = ' . $db->qstr ( $user_id ) );
	return $row->Level_access;
}

// ------------------------------------------------------------------------

/**
 * logout
 *
 * Handles logouts
 *
 * @param	none
 * @access	public
 */

function logout ()
{
	//session must be started before anything
	session_start ();

	//if we have a valid session
	if ( $_SESSION['logged_in'] == TRUE )
	{	
		//unset the sessions (all of them - array given)
		unset ( $_SESSION ); 
		//destroy what's left
		session_destroy (); 
	}

	//It is safest to set the cookies with a date that has already expired.
	if ( isset ( $_COOKIE['cookie_id'] ) && isset ( $_COOKIE['authenticate'] ) ) {
		/**
		 * uncomment the following line if you wish to remove all cookies 
		 * (don't forget to comment ore delete the following 2 lines if you decide to use clear_cookies)
		 */
		//clear_cookies ();
		setcookie ( "cookie_id", '', time() - KEEP_LOGGED_IN_FOR, COOKIE_PATH );
		setcookie ( "authenticate", '', time() - KEEP_LOGGED_IN_FOR, COOKIE_PATH );
	}

	//redirect the user to the default "logout" page
	header ( "Location: " . REDIRECT_ON_LOGOUT );
}

// ------------------------------------------------------------------------

/**
 * clear_cookies
 *
 * Clears the cookies
 * Not used by default but present if needed
 *
 * @param	none
 * @access	public
 */

function clear_cookies ()
{
	// unset cookies
	if ( isset( $_SERVER['HTTP_COOKIE'] ) ) {
		$cookies = explode ( ';', $_SERVER['HTTP_COOKIE'] );
		//loop through the array of cookies and set them in the past
		foreach ( $cookies as $cookie ) {
			$parts = explode ( '=', $cookie );
			$name = trim ( $parts [ 0 ] );
			setcookie ( $name, '', time() - KEEP_LOGGED_IN_FOR );
			setcookie ( $name, '', time() - KEEP_LOGGED_IN_FOR, '/' );
		}
	}
}

// ------------------------------------------------------------------------

/**
 * set_login_sessions - sets the login sessions
 *
 * @access	public
 * @param	string
 * @return	none
 */

function set_login_sessions ( $user_id, $password, $remember )
{
	//start the session


	//set the sessions
	$_SESSION['user_id'] = $user_id;
	$_SESSION['logged_in'] = TRUE;

	//do we have "remember me"?
	if ( $remember ) {
		setcookie ( "cookie_id", $user_id, time() + KEEP_LOGGED_IN_FOR, COOKIE_PATH );
		setcookie ( "authenticate", md5 ( getIP () . $password . $_SERVER['USER_AGENT'] ), time() + KEEP_LOGGED_IN_FOR, COOKIE_PATH );
	}
}



// ------------------------------------------------------------------------

/**
 * Check unique
 *
 * Performs a check to determine if one parameter is unique in the database
 *
 * @access	public
 * @param	string
 * @param	string
 * @return	bool
 */


function checkUnique ( $field, $compared )
{
	global $db;

	$query = $db->getRow ( "SELECT COUNT(*) as total FROM `" . DBPREFIX . "users` WHERE " . $field . " = " . $db->qstr ( $compared ) );

	if ( $query->total == 0 ) {
		return TRUE;
	}
	else {
		return FALSE;
	}
}

// ------------------------------------------------------------------------





/**
 * Get username - Returns the username of the logged in member based on session ID
 *
 * @access	public
 * @param	string
 * @return	string/bool
 */


function get_username ( $id )
{
	global $db;

	$query = "SELECT `Username` FROM `" . DBPREFIX . "users` WHERE `ID` = " . $db->qstr ( $id );

	if ( $db->RecordCount ( $query ) == 1 )
	{
		$row = $db->getRow ( $query );

		return $row->Username;
	}
	else {
		return FALSE;
	}
}




?>

Link to comment
Share on other sites
trq Prolific Member

trq

Posted
Posted

Your first issue may be the fact that including a file via a url (eg http://) is not normally configured to work. Use a filepath.

 

The last piece of code you posted is ridled with errors. Anyway, the mistake in the other code is probably due to the fact that your using $ID in your query, yet it does not exist. Try...

 

<?php
require ( 'http://www.websitename.com/lib/connect.php' );
  // connect to db

  if (isset($_GET['ID'])) {
    $id = mysql_real_escape_string($_GET['ID']);
    $sql = "SELECT username FROM users WHERE memberID = '$id' LIMIT 1";
    if ($result = mysql_query($sql)) {
      if (mysql_num_rows($result)) {
        $row = mysql_fetch_assoc($result);
        echo $id.'<br />';
        echo $row['username'].'<br />';
      
      } else {
        echo "No users found with id $id<br />";
      }
    } else {
      echo "Query failed<br />$sql<br />" . mysql_error();
    }
  }

?>

Link to comment
Share on other sites
trq Prolific Member

trq

Posted
Posted

Oh and ps:

 

also should i not just be able to type in www.mywebiste.com/members/user    and have there profile come up

 

This is done via mod_rewrite. We need to get your code working first before we attempt to create this rule.

Link to comment
Share on other sites
trq Prolific Member

trq

Posted
Posted

What does the url your using look like? Try...

 

<?php
require ( 'http://www.websitename.com/lib/connect.php' );
  // connect to db

  if (isset($_GET['ID'])) {
    $id = mysql_real_escape_string($_GET['ID']);
    $sql = "SELECT username FROM users WHERE memberID = '$id' LIMIT 1";
    if ($result = mysql_query($sql)) {
      if (mysql_num_rows($result)) {
        $row = mysql_fetch_assoc($result);
        echo $id.'<br />';
        echo $row['username'].'<br />';
      
      } else {
        echo "No users found with id $id<br />";
      }
    } else {
      echo "Query failed<br />$sql<br />" . mysql_error();
    }
  } else {
    echo "No ID passed";
  }

?>

Link to comment
Share on other sites
trq Prolific Member

trq

Posted
Posted

As I said, get your code working first. Your passing the id to the username peram. This will show up in $_GET['username'].

 

Do you understand what this code does? How it works? You really should make an effort to learn what the code does that people give you as examples. Otherwise your site is going to be hacked together by bits and pievces of code you know nothing about.

Link to comment
Share on other sites
runnerjp Advanced Member

runnerjp

Posted
  • Author
Posted

if (isset($_GET['id'])) {

    $id = mysql_real_escape_string($_GET['id']);

    $sql = "SELECT username FROM users WHERE id = '$ID' LIMIT 1";

    if ($result = mysql_query($sql)) {

      if (mysql_num_rows($result)) {

        $row = mysql_fetch_assoc($result);

        echo $ID.'<br />';

        echo $row['username'].'<br />';

     

     

 

could you run by what this does

 

if (isset($_GET['id'])) {

    $id = mysql_real_escape_string($_GET['id']);

    $sql = "SELECT username FROM users WHERE id = '$ID' LIMIT 1";

 

 

what i understand it gets the users id from the table qnd is limited to only finding 1 id then outputs echo

 

(thankyou for taking you time to help me out)

 

Link to comment
Share on other sites
trq Prolific Member

trq

Posted
Posted

This...

 

if (isset($_GET['id'])) {

 

checks to see if id was passed via the url.

 

This...

 

$id = mysql_real_escape_string($_GET['id']);

 

cleans and stores your id in a local variable $id.

 

Then...

 

$sql = "SELECT username FROM users WHERE id = '$ID' LIMIT 1";

 

Creates a query which selects the users username from the users table based on the id. NOTE: It should be $id not $ID, php is case sensitive.

 

 

Link to comment
Share on other sites
trq Prolific Member

trq

Posted
Posted
in my db id is stored as ID so should it not be in caps?

 

If thats the case, the query should look like....

 

$sql = "SELECT username FROM users WHERE id = '$id' LIMIT 1";

 

because according to your mod_rewrite rule you never pass anything via the id peram in the url. You use username.

Link to comment
Share on other sites
runnerjp Advanced Member

runnerjp

Posted
  • Author
Posted

well i deleted the mod_rewrite so i can gt code working 1st :) but i still get no id passed...  so howcomes i cant get the id...

 

also what happens if say some one else wants to see the users profile... how can they see the data if it gets the information passed via url :S

Link to comment
Share on other sites
trq Prolific Member

trq

Posted
Posted
also what happens if say some one else wants to see the users profile... how can they see the data if it gets the information passed via url :S

 

They simply pass the id via the url. eg http://yourdomain.com/profile.php?id=4

 

This entire piece of code was meant as an example. if you want your users to be able to view there own profile (and they are logged in) you would use data stored in there $_SESSION array to grab the extra data for the profile.

 

Read the link I provided in the first place, you really need to understand properly what this code does. From this simple example you should be able to extend / modify to do what you want, but you wont be able to do that untill you understand how it works.

Link to comment
Share on other sites
runnerjp Advanced Member

runnerjp

Posted
  • Author
Posted

ok started from scratch so i get all users information to cme up 

<?php
$sql = "SELECT ID, email,username FROM users";
  if ($result = mysql_query($sql)) {
    if (mysql_num_rows($result)) {
      while ($row = mysql_fetch_assoc($result)) {
    echo $row['username'].'<br />';
echo $row['email'].'<br />';
      }
    }
  }


?> [code]

and im assuming i should add something on th lines off



so that it only gets the users id yet this does not seem to work i get the error
Parse error: syntax error, unexpected $end in /home/runningp/public_html/members/profile.php on line 22


even when this is solved i still dont think it will work lol

<?
if (isset($_GET['ID'])) {
    $id = mysql_real_escape_string($_GET['ID']);

$sql = "SELECT ID, email,username FROM users WHERE memberID = '$id' LIMIT 1";
  if ($result = mysql_query($sql)) {
    if (mysql_num_rows($result)) {
      while ($row = mysql_fetch_assoc($result)) {
    echo $row['username'].'<br />';
echo $row['email'].'<br />';
      }
    }
  }


?>

[/code]

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.