Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    New to the CF scene
    Join Date
    Nov 2010
    Posts
    3
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Dynamic page post LogIn

    Hi everyone, I'm looking for some direction on how create a dynamic page that is populated based on the username and password from the login screen. I'm knowledgeable in php but can't seem to get a good direction on this.

    Here's what my LogIn page looks like (login.php):
    <?php
    if(isset($_POST["Submit"])) {
    $host="localhost";
    $username="username";
    $password="password";
    $db_name="database";
    $tbl_name="registered_members";
    mysql_connect("$host", "$username", "$password")or die("cannot connect");
    mysql_select_db("$db_name")or die("cannot select DB");
    $myusername=$_POST['username333'];
    $mypassword=$_POST['password333'];
    $myusername = stripslashes($myusername);
    $mypassword = stripslashes($mypassword);
    $myusername = mysql_real_escape_string($myusername);
    $mypassword = mysql_real_escape_string($mypassword);
    $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
    $result=mysql_query($sql);
    $count=mysql_num_rows($result);
    if($count==1)
    {
    session_register("myusername");
    session_register("mypassword");
    header("location:success.php");
    }
    else {
    echo "Wrong Username or Password";
    }
    }
    ?>

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title></title>
    <link href="CSS.css" rel="stylesheet" type="text/css" />
    </head>

    <body>
    <div class="banner"></div>
    <div class="mainMenu">

    <form action="" method="post" name="form">
    <table width="605" border="0" cellspacing="4" cellpadding="0">
    <tr>
    <td width="257" align="right" valign="top">Email:</td>
    <td width="336" align="left" valign="top"><label>
    <input name="username333" type="text" id="textfield" size="40" maxlength="40" />
    </label></td>
    </tr>
    <tr>
    <td align="right" valign="top">Password:</td>
    <td align="left" valign="top"><label>
    <input name="password333" type="password" id="textfield2" size="20" maxlength="20" />
    </label></td>
    </tr>
    <tr>
    <td align="right" valign="top"></td>
    <td align="left" valign="top"></td>
    </tr>
    <tr>
    <td align="right">&nbsp;</td>
    <td align="left"><label>
    <input type="submit" name="Submit" id="button" value="Log In" />
    </label></td>
    </tr>
    </table>
    </form></div>
    </body>
    </html>


    This works fine. What happens is when the user enters his or her username and password correctly, they go to the webpage success.php, which starts with this php code:
    <?
    session_start();
    if(!session_is_registered(myusername)){
    header("location:login.php");
    }
    ?>


    This also works fine (visitors can't access this page unless they entered a username and password correctly in the login page). So far so good. Are you guys still with me? I know it's a lot of stuff.

    In regards to the database, MySQL database has data for every username and password...data such as address, telephone number, and email for example.

    So, here's my question. How can I get the success.php page to populate address, telephone number, and email based on the username and password of the visitor who just logged in? I know this seems (and probably is) simple but my mind is at a deadlock.

  • #2
    Regular Coder poyzn's Avatar
    Join Date
    Nov 2010
    Posts
    266
    Thanks
    2
    Thanked 61 Times in 61 Posts
    while the login proccess get a user's info and write it into a session
    PHP Code:
    $_SESSION['user_info'] = array('id' => 1'name' => 'Romano''address' => 'Some address'); 
    and retrieve it on the next page
    PHP Code:
    $username $_SESSION['user_info']['name']; 
    Last edited by poyzn; 11-24-2010 at 09:01 PM.

  • #3
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    Do not (do not do not do not >.<) use session_register or session_is_registered. These are both deprecated functions that rely on the use of register_globals in order to work. Instead:
    PHP Code:
    $_SESSION['myvarname'] = $value;
    # replaces:
    # $value = 'my value';
    # $myvarname = $value;
    # session_register($myvarname);

    // AND
    if (isset($_SESSION['myvarname']))
    {
    # replaces:
    # session_is_registered('myvarname'); 
    Don't forget that session_start needs to be called prior to processing any session usage, and must be done prior to flushing the headers.

    As for getting your data, as mentioned you can pass it all in a session, or you can retrieve it when needed by querying based off of a userid or username/password combination or whatever uniquely identifies a user.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 
    Been gone for a few months, and haven't programmed in that long of a time. Meh, I'll wing it ;)

  • #4
    New to the CF scene
    Join Date
    Nov 2010
    Posts
    3
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Thank you both. I already have session_start called, so I'm good there. Can you just guide me to where the code must go using my example. In my login.php page, I have this code...
    PHP Code:
    $count=mysql_num_rows($result);
    if(
    $count==1)
    {
    session_register("myusername");
    session_register("mypassword");
    header("location:success.php");

    I'm going to assume it should be changed to this in order to eliminate the deprecated code:
    PHP Code:
    $count=mysql_num_rows($result);
    if(
    $count==1)
    {
    $_SESSION['myvarname'] = $value;
    header("location:success.php");

    Is that correct?

    Lastly, how should the success.php page start? Sessions are somewhat new to me but I'm understanding the concept. I think I should be starting the success.php with...
    PHP Code:
    <?
    session_start
    ();
    if (isset(
    $_SESSION['myvarname']))
    {
    Am I on the right track? Also, where is $value being called again in the first set of code ($_SESSION['myvarname'] = $value; ). I'd like to follow how the code is being processed so I can get a full understanding of 'Sessions'.

    Again, thanks for the help and guidance.
    Last edited by Romano; 11-24-2010 at 11:59 PM.

  • #5
    New to the CF scene
    Join Date
    Nov 2010
    Posts
    4
    Thanks
    0
    Thanked 1 Time in 1 Post
    Quote Originally Posted by Romano View Post
    Thank you both. I already have session_start called, so I'm good there. Can you just guide me to where the code must go using my example. In my login.php page, I have this code...
    PHP Code:
    $count=mysql_num_rows($result);
    if(
    $count==1)
    {
    session_register("myusername");
    session_register("mypassword");
    header("location:success.php");

    I'm confused about why you're putting their password into a session in the first place. Past the login, the password should be unnecessary.


    I'm going to assume it should be changed to this in order to eliminate the deprecated code:
    PHP Code:
    $count=mysql_num_rows($result);
    if(
    $count==1)
    {
    $_SESSION['myvarname'] = $value;
    header("location:success.php");

    Is that correct?
    Assuming that you are checking on registration that the username is not already taken, yes, because it is unlikely, but possible that the same username could be in the database twice, with the same password. In this case, $count would be greater than one.

    Better to limit to 1 in the query, and then check that it's greater than 0 when checking if it's in the database.

    The session doesn't have to be called 'myvarname', you could call it whatever you want, and assign whatever value you want to it, normally the username, or as stated earlier, an array of user information for quick access.

    But yes, your code is correct.


    Lastly, how should the success.php page start? Sessions are somewhat new to me but I'm understanding the concept. I think I should be starting the success.php with...
    PHP Code:
    <?
    session_start
    ();
    if (isset(
    $_SESSION['myvarname']))
    {
    Am I on the right track?
    Yeah, that's correct.


    Also, where is $value being called again in the first set of code ($_SESSION['myvarname'] = $value; ). I'd like to follow how the code is being processed so I can get a full understanding of 'Sessions'.

    Again, thanks for the help and guidance.
    As I said earlier in my post, you can set the session to whatever you want.

    PHP Code:
    $_SESSION['login'] = $myusername
    That is probably how you want to do it.

  • Users who have thanked ac04 for this post:

    Romano (11-25-2010)

  • #6
    New to the CF scene
    Join Date
    Nov 2010
    Posts
    3
    Thanks
    1
    Thanked 0 Times in 0 Posts
    The combination of all the replies made sense and my pages are working the way I need them to. Thank you very much!!


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •