[SOLVED] Username in form value?

[Potatis]

Hello,

 

I am having trouble getting exactly what I want from a web form.

 

I want to be able to get the name of a current user to appear in a text box on a web form where they can see it, but can't change it. They fill out the rest of the form, which is basically a quiz, and the whole thing is emailed to me.

 

I can use "this.blur()" to lock the text if I manually enter a value, but I'd like each logged in user to automatically see their own name when they open the form.

 

This is the line of code I am looking at:

 

<input name="username" type="text" onfocus="this.blur()" id="username" value="" size="40" />

 

If I take away the onfocus bit, then people can write their username, and it shows up in the email perfectly. But they could put someone else's name there too. I'm not looking for perfect security, it is just a friendly quiz among friends, but I'd like to know how I can fix this.

 

I had in mind that when the user opened the file, they'd see their username already there, magically appearing from their login info, but my attempts to do this failed. I have no idea how it can be done, if it can be done. I was doing all sorts of crazy things to try and get different variables in the "value" quotes.

 

Does anyone know how I can achieve what I am aiming for?

 

 

 

"

[themistral]

Try adding disabled to the end of the input box

 

<input name="username" type="text" onfocus="this.blur()" id="username" value="" size="40" disabled />

[Potatis]

Thanks. Is that to disable the text? Do you know what I can do to get a person's username to automatically fill the value in that line? Some sort of variable? I am hoping it can somehow grab the name of each logged in user who takes the quiz.

[themistral]

Yes that will disable the box.

 

If your site uses the username as part of the login, you could set a session variable to hold the username if login is successful.

 

$_SESSION['username'] = $_POST['username'];

 

where $_POST['username'] is taken from the login form.

 

Alternatively, when the user logs in, you could run a query to get the username from the database and set the session variable using that data.

 

HTH!! 

[Potatis]

Ok, here I need more info, because I was trying to do all sorts of things with

$_POST['username'];

and trying to get it into the value field, but I was doing it wrong.

 

Users login with this (in check.php):

 

<?php
  session_start();

  if($_SERVER['REQUEST_METHOD'] == "POST") {
    mysql_connect("***", "***", "***");
    @mysql_select_db("afl08db") or die( "Unable to connect to database");
    $result = mysql_query("SELECT * FROM login WHERE username='" .
      $_POST['username'] . "' AND
      password=md5('" . $_POST['password'] . "')");

    if(mysql_num_rows($result) > 0) {
      $_SESSION['is_logged_in'] = 1;
    }
  }

  if(!isset($_SESSION['is_logged_in'])) {
    header("location:login.php");
  } else {
    header("location:index.php");
  }
?>

 

My form is in another php file. How do I create a variable from this login/session code, and where do I put it? If I create a variable on the check.php page, will it remember it when it gets to the page with the form on it?

 

[edited to remove DB connection stuff]

 

[Potatis]

Oops... lol, I can't delete/edit my last post. I'll have to create a new db now. lol

[kenrbnsn]

I edited your post to remove the DB stuff.

 

Ken

[Potatis]

Thanks so much, Ken.

[themistral]

Oops!!! 

 

OK

 

    if(mysql_num_rows($result) > 0) {
      $_SESSION['is_logged_in'] = 1;

      $_SESSION['username'] = $_POST['username'];

    }

 

then

 

<input name="username" type="text" onfocus="this.blur()" id="username" value="<?php echo $_SESSION['username']; ?>" size="40" disabled />

 

Make sure all pages contain

session_start();

at the very start of the page or it will lose the session variables.

[Potatis]

Thanks, I'll try this now.

[Potatis]

It works! I couldn't be more happy! 

 

Thanks so much, themistral, it works great! I'm very grateful to you! 

[themistral]

No problems Potatis!!! 

Glad to help!