[SOLVED] Help needed to retrieve values.

[smithmr8]

Hi,

I was recommended this site by someone I know, so I hope you'll be able to help

 

I am currently building a website template site, but am having some difficulty with a members set-up.

 

What I would like it to do..

I would like to be able to retrieve values from a database table using the username of a member.

 

E.g.

When someone logs into their account, it will display in the place I would like it..[in the 'Account Information Section', click the link at the base of the post to see where I mean] 'Welcome, USERNAME'

I would also be able to get other details retaining to that username, such as its ID [Defined in the MySQL table].

 

Thanks,

Luke

 

The Website: http://www.templateking.co.uk

[revraz]

Not sure really what you are asking of the forum, but just load those values into a variable and echo them where you want.

[Ken2k7]

We don't write codes for you but if you post what you have we can help you.

[GingerRobot]

You're far better off tracking the user ID rather than a username. Use that to know which user is viewing the page and what information to take from the database.

[smithmr8]

I have tried all sorts of things, but have come to no avail.

 

I would like to know how to get the username of the member logged in, and how I can use that to retrieve other values from the table the information is located in.

 

---

 

I dont want you to write anything for me. Just looking for some guidance really.

 

I am using this as my login script.

<?php

ob_start();

$host="--REMOVED--"; // Host name

$username="--REMOVED--"; // Mysql username

$password="--REMOVED--"; // Mysql password

$db_name="--REMOVED--"; // Database name

$tbl_name="members"; // Table name

 

// Connect to server and select databse.

mysql_connect("$host", "$username", "$password")or die("cannot connect");

mysql_select_db("$db_name")or die("cannot select DB");

 

$myusername=$_POST['myusername'];

$mypassword=$_POST['mypassword'];

 

 

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";

$result=mysql_query($sql);

if($result){

echo "go";

}

 

//mysql_num_row is counting table row

$count=mysql_num_rows($result);

//if result match  $myusername  and mypassword  table row must be 1 row

 

if($count==1){

//session_register("myusername");

session_start();

$_SESSION['myusername'] = $myusername;

header("location:index.php");

}

else {

echo "Wrong Username or Password";

}

ob_end_flush();

?>

 

If I try to echo $_SESSION['username'] it just appears as a blank space.

[revraz]

First off, put session_start(); as the first line of code after <?php

 

Is there more to this code or is there a form page that calls this?

[GingerRobot]

If I try to echo $_SESSION['username'] it just appears as a blank space.

 

Thats because you used $_SESSION['myusername'];

[redarrow]

every page needs session_start(); at the beging to set and see the session's

 

<?php
ob_start();
session_start();
$host="--REMOVED--"; // Host name
$username="--REMOVED--"; // Mysql username
$password="--REMOVED--"; // Mysql password
$db_name="--REMOVED--"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];


$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
if($result){
echo "go";
}

//mysql_num_row is counting table row
$count=mysql_num_rows($result);
//if result match  $myusername  and mypassword  table row must be 1 row

if($count==1){
//session_register("myusername");
$_SESSION['myusername'] = $myusername;
header("location:index.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>

[smithmr8]

   <form method="POST" action="login.php">
  <input name="myusername" type="text" size="13" />
  <input name="mypassword" type="password" size="13" />
  <input type="submit" name="Submit" value="Login!" />
  </form>

 

This is the form which calls the script. Located on the index page.

 

-----

I meant to type that . Everytime I try to echo the $_SESSION['myusername'] it simply returns a blank space.

[smithmr8]

I've updated the script, so that the session_start() is at the top now.

 

I all added this piece of code to the header file, [it will appear in the section 'Account Information']

 

  <?php 
                          if(isset($_SESSION['myusername'])) {
          echo "Welcome,  ". $_SESSION['myusername'];
          } else {
          echo "Welcome, Guest";
          }
                          ?>

 

Even when I login, it still display's 'Welcome, Guest'.. which indicates something is not working.

[Ken2k7]

Are you sure your password isn't hashed? If so, you need to do that. Not sure what hash you use but I guess md5 right?

 

$mypassword=md5($_POST['mypassword']);

[smithmr8]

Not sure what Hashing is, but I added that to the code. Also changed the password in the DB to an md5 version. Still, when I log-in, it does so successfully, but it still wont display the username.

[Ken2k7]

Can you post your updated codes that you have?

[smithmr8]

The login.php script

<?php
session_start();
ob_start();

$host="REMOVED"; // Host name
$username="REMOVED"; // Mysql username
$password="REMOVED"; // Mysql password
$db_name="REMOVED"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

$myusername=$_POST['myusername'];
$mypassword=md5($_POST['mypassword']);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
if($result){
echo "go";
}

//mysql_num_row is counting table row
$count=mysql_num_rows($result);
//if result match  $myusername  and mypassword  table row must be 1 row

if($count==1){
//session_register("myusername");
$_SESSION['myusername'] = $myusername;
header("location:index.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>

 

The code in the header file. [Appears in the Application Information Section]

    <?php 
                          if(isset($_SESSION['myusername'])) {
          echo "Welcome,  ". $_SESSION['myusername'];
          } else {
          echo "Welcome, Guest";
          }
         
                          ?>

[GingerRobot]

Can you also post index.php, since this is the place you are redirected after a successful login.

[redarrow]

<?php

session_start();

ob_start();

 

 

correct

<?php

ob_start();

session_start();

 

 

and the header file needs session_start()

 

you been playing with php.ini

[smithmr8]

I hadn't put 'session_start()' in the header file.

 

Welcome, Luke

 

Its working now .

 

The last thing, was how do I use that name to get more values from the 'members' table for that username.

 

I have tried to do things like ..

 

<?php
$user = $_SESSION['username'];
$info="SELECT * FROM members WHERE username='$user'";
$result_info = mysql_query($info);
?>

 

Which, when using this line, displays nothing.

echo "ID: ". $result_info['ID'];

[GingerRobot]

You're missing a line. You need to grap the results first, using one of the mysql_fetch_xxxx functions:

 

<?php
$user = $_SESSION['username'];
$info="SELECT * FROM members WHERE username='$user'";
$result_info = mysql_query($info) or die(mysql_error());
$row = mysql_fetch_assoc($result_info);
echo "ID: ". $row['ID'];//this assumes you have a field called ID
?>

[redarrow]

<?php
$user = $_SESSION['username'];
$info="SELECT * FROM members WHERE username='$user'";
$result_info = mysql_query($info);
$x=mysql_fetch_array($result_info);

echo "".$x['name']."";
?>

[smithmr8]

Thank-You so much!

 

Its working now

 

Very Much Appreciated.

 

You guys definatelly know your stuff

 

Best Regards,

Luke

 

PS. PHPFreaks will definately have a link from my site .