Basically for my welcome page and my status page on my site I need a script that gets the username and email and user id. I tried lots of different things but every time I do something there is an error. So can someone tell me how to do this?
Printable View
Basically for my welcome page and my status page on my site I need a script that gets the username and email and user id. I tried lots of different things but every time I do something there is an error. So can someone tell me how to do this?
hmm ? what you mean, please explain more
Basically when the user looks at the page if theyre loged in I want it to show there username with a message like Welcome (username here) and if theyre not logged in it takes them to the login page.
It would help if you post up the code you're using and the error you get.
You should use the [ php][ /php] tags when posting code. Makes it easier to read.
I haven't used custom session classes so you'll have to adapt. Every page that deals with sessions has to start with session_start(). Then, you can use the $_SESSION variable to access any data stored in the session:
Now, that should work when you have an active session. A basic login form processing page (to create a session) would look like:PHP Code:<?php
session_start();
if(isset($_SESSION['username'])) { //session exists
echo "Logged in as <b>{$_SESSION['username']}</b><br><br>
Back to [<a href=\"../main.php\">Main Page</a>]<br><br>";
}
else { //no session exists
echo "Please go back and <a href=\"../login.php\">log in</a>.";
}
?>
And a basic login form:PHP Code:<?php
session_start();
$username = $_POST['username']; //use mysql_real_escape_string or whatever data validation methods you use
$password = $_POST['password'];
//You may want to check the database for the username and authenticate the password here
$_SESSION['username'] = $username; //Set session variables that you'll be able to access from any other page
$_SESSION['password'] = $password;
?>
I hope that gives you a basic idea of how to work with sessions.PHP Code:<form action="login.php" method="post">
Username: <input name="username" type="text"><br>
Password: <input name="password" type="password"><br>
<input type="submit" value="Login">
</form>
that doesnt tell me everything? what should i tell you ^^ gimme details
Woah Monoxide thx that works perfectly! :D
You could maybe do a query that selects all the information from the row where the username is equal to the session name like:
Or something similar.Code:<?php
if(isset($_SESSION['name'])) {
$mysql1 = mysql_query("SELECT * FROM tableName WHERE name = '$_SESSION[name]'");
$row = mysql_fetch_array($mysql1);
echo "Name: ".$row['name']."<br />Age: ".$row['age']."<br />Email: ".$row['email'];
}
?>
Here's a class I created (I'm working on OOP right now..). Not sure if it'd work. You'd initialize it by:
PHP Code:$login = new accounts($_POST['user'], $_POST['pass']);
// If checking login: $login->login();
// If registering: $login->register($_POST['name'], $_POST['pass'], $_POST['email']);
// If checking is logged in: if($login->loggedin()){ ... }
// Getting userid: $login->userid(); OR, get the id of a specific user: $login->userid('username');
// Get email: $login->getemail(); OR, get the email of a specific user: $login->getemail('username');
PHP Code:<?php
class accounts{ // Start the class. Initialize most variables as null if they're not set.
private $user = null;
private $pass = null;
private $dbinfo = array(
'sever' => 'localhost',
'user' => 'root',
'pass' => 'root',
'dbname' => 'accounts',
'acc_table' => 'accounts',
'name_row' => 'name',
'pass_row' => 'password',
'email_row' => 'emails',
'userid_row' => 'id',
'password_enc_type' => 'md5');
function login($user, $pass, $dbinfo){
if(!isset($user)){
$user = $this->user;
}
elseif(!isset($pass)){
$pass = $this->pass;
}
elseif(!isset($dbinfo)){
$dbinfo = $this->dbinfo;
}
elseif((is_null($user)) || (is_null($pass))){
echo 'One of the fields within the class was not entered.';
die();
}
mysql_connect($dbinfo['server'], $dbinfo['user'], $dbinfo['pass']);
mysql_select_db($dbinfo['dbname']);
$info = mysql_fetch_array(mysql_query("SELECT * FROM ".$dbinfo['acc_table']." WHERE ".$dbinfo['name_row']."='".$name."'")) or die(mysql_error());
if($dbinfo['password_enc_type'] == 'md5'){
if(md5($pass) == $info[$dbinfo['pass_row']]){
session_start();
$_SESSION['status'] = 'logged'; // Tell that the person is logged in.
$_SESSION['name'] = $name;
$_SESSION['pass'] = sha1(md5($pass)); // For security purposes, sha1 the pass so they think it's default SHA'd.
}else{
header("Status: Forbidden.", true, 403);
echo 'You were not logged in successfully, because your password was incorrect.';
}
}
elseif($dbinfo['password_enc_type'] == 'sha1'){
if(sha1($pass) == $info[$dbinfo['pass_row']]){
session_start();
$_SESSION['status'] = 'logged'; // They're logged in
$_SESSION['name'] = $name;
$_SESSION['pass'] = md5(sha1($pass));
}else{
header("Status: Forbidden.", true, 403);
echo 'You were not logged in successfully because your password was incorrect.';
}
}
}
function register($name, $pass, $email){
if(!isset($name)){
$name = $this->name;
}
if(!isset($pass)){
$pass = $this->pass;
}
if(!isset($email)){
$email = null;
}
if((is_null($name)) || (is_null($pass)) || (is_null($email))){
die('A field was not entered within the function. Please try again.');
}
$dbinfo = $this->dbinfo;
mysql_connect($dbinfo['server'], $dbinfo['user'], $dbinfo['pass']);
mysql_select_db($dbinfo['dbname']);
$num = mysql_num_rows(mysql_fetch_array(mysql_query("SELECT * FROM ".$dbinfo['acc_table']))) + 1;
$register = mysql_query("INSERT INTO ".$dbinfo['acc_table']." (".$dbinfo['name_row'].", ".$dbinfo['pass_row'].", ".$dbinfo['email_row'].", ".$dbinfo['userid_row'].") VALUES('$name', '$pass', $email, $num)") or die(mysql_error());
echo 'You have been registered successfully! Return to the previous page to login.';
}
function getemail($username){
if((!isset($username)) AND (!isset($_SESSION['name'])) || (is_null($username))){
echo 'The user is not logged in AND/OR is not set.';
}
elseif(!isset($username)){
$username = $_SESSION['name'];
}
$pass = $_SESSION['pass'];
$dbinfo = $this->dbinfo;
mysql_connect($dbinfo['server'], $dbinfo['user'], $dbinfo['pass']);
mysql_select_db($dbinfo['dbname']);
$info = mysql_fetch_array(mysql_query("SELECT * FROM ".$dbinfo['acc_table']." WHERE ".$dbinfo['name_row']."='".$username."'")) or die(mysql_error());
echo $info[$dbinfo['email_row']];
}
function userid($username){
if((!isset($username)) AND (!isset($_SESSION['name']))){
echo 'There is no specific user.';
}
elseif(!isset($username)){
$username = $_SESSION['name'];
}
mysql_connect($dbinfo['server'], $dbinfo['user'], $dbinfo['pass']);
mysql_select_db($dbinfo['dbname']);
$info = mysql_fetch_array(mysql_query("SELECT * FROM ".$dbinfo['acc_table']." WHERE ".$dbinfo['name_row']."='".$username."'")) or die(mysql_error());
echo $info[$dbinfo['userid_row']];
}
function loggedin(){
if(!isset($_SESSION['status'])){
return false;
}
elseif(!isset($_SESSION['name'])){
return false;
}
elseif(!isset($_SESSION['pass'])){
return false;
}
elseif((isset($_SESSION['status'])) AND ($_SESSION['status'] == 'logged') AND (isset($_SESSION['name'])) AND (isset($_SESSION['pass']))){
return true;
}
}
}
?>