help with php msql query over two pages
Results 1 to 3 of 3

Thread: help with php msql query over two pages

  1. #1
    Junior Member
    Join Date
    Aug 2013
    Posts
    2

    help with php msql query over two pages

    Hello

    i,m trying to work out how i can use my login page and carry the username information over two pages from the login.php to the login_submit.php
    and then to members.php. i have tried using cookies and sessions but i can not get the members page to show there details from the database code as follows any help would be great i have been suck for awhile now.

    login_submit.php

    PHP Code:
    <?php

    /*** begin our session ***/
    session_start();
    if(!isset(
    $_SESSION['user_id']))
    {
        
    $message 'You must be logged in to access this page';
    }

    $phpro_username=$_REQUEST['phpro_username'];
    /*** check if the users is already logged in ***/
    if(isset( $_SESSION['user_id'] ))
    {
        
    $message 'Users is already logged in';
    }
    /*** check that both the username, password have been submitted ***/
    if(!isset( $_POST['phpro_username'], $_POST['phpro_password']))
    {
        
    $message 'Please enter a valid username and password';
    }
    /*** check the username is the correct length ***/
    elseif (strlen$_POST['phpro_username']) > 20 || strlen($_POST['phpro_username']) < 4)
    {
        
    $message 'Incorrect Length for Username';
    }
    /*** check the password is the correct length ***/
    elseif (strlen$_POST['phpro_password']) > 20 || strlen($_POST['phpro_password']) < 4)
    {
        
    $message 'Incorrect Length for Password';
    }
    /*** check the username has only alpha numeric characters ***/
    elseif (ctype_alnum($_POST['phpro_username']) != true)
    {
        
    /*** if there is no match ***/
        
    $message "Username must be alpha numeric";
    }
    /*** check the password has only alpha numeric characters ***/
    elseif (ctype_alnum($_POST['phpro_password']) != true)
    {
            
    /*** if there is no match ***/
            
    $message "Password must be alpha numeric";
    }
    else
    {
        
    /*** if we are here the data is valid and we can insert it into database ***/
        
    $phpro_username filter_var($_POST['phpro_username'], FILTER_SANITIZE_STRING);
        
    $phpro_password filter_var($_POST['phpro_password'], FILTER_SANITIZE_STRING);

        
    /*** now we can encrypt the password ***/
        
    $phpro_password sha1$phpro_password );
        
        
    /*** connect to database ***/
        /*** mysql hostname ***/
        
    $mysql_hostname 'localhost';

        
    /*** mysql username ***/
        
    $mysql_username 'username';

        
    /*** mysql password ***/
        
    $mysql_password 'password';

        
    /*** database name ***/
        
    $mysql_dbname 'database name';

        try
        {
            
    $dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname"$mysql_username$mysql_password);
            
    /*** $message = a message saying we have connected ***/

            /*** set the error mode to excptions ***/
            
    $dbh->setAttribute(PDO::ATTR_ERRMODEPDO::ERRMODE_EXCEPTION);

            
    /*** prepare the select statement ***/
            
    $stmt $dbh->prepare("SELECT phpro_user_id, phpro_username, phpro_password FROM phpro_users 
                        WHERE phpro_username = :phpro_username AND phpro_password = :phpro_password"
    );

            
    /*** bind the parameters ***/
            
    $stmt->bindParam(':phpro_username'$phpro_usernamePDO::PARAM_STR);
            
    $stmt->bindParam(':phpro_password'$phpro_passwordPDO::PARAM_STR40);

            
    /*** execute the prepared statement ***/
            
    $stmt->execute();

            
    /*** check for a result ***/
            
    $user_id $stmt->fetchColumn();

            
    /*** if we have no result then fail boat ***/
            
    if($user_id == false)
            {
                    
    $message 'Login Failed';
            }
            
    /*** if we do have a result, all is well ***/
            
    else
            {
                    
    /*** set the session user_id variable ***/
                    
    $_SESSION['user_id'] = $user_id;

                    
    /*** tell the user we are logged in ***/
                    
    $message 'You are now logged in';
            }


        }
        catch(
    Exception $e)
        {
            
    /*** if we are here, something has gone wrong with the database ***/
            
    $message 'We are unable to process your request. Please try again later"';
        }
    }


    ?>

    <html>
    <head>
    <title>PHPRO Login</title>
    </head>
    <body>
    <p><?php echo $message
    echo
    '<a href="members.php">My acount</a>';?>

    </body>
    </html>


    members.php

    <html>
    <head>
    <title>Members Only Page</title>
    </head>
    <body>
    <h2><?php echo $message?></h2>
    </body>
    </html>
    <a href="test.php">Click here</a>
    <a href="login.php?status=loggedout" class="item">Log Out</a>

    <?PHP


    require_once"connect.php" ;

    $phpro_username=$_REQUEST['phpro_username'];

    $resultmysqli_query($con"SELECT * FROM phpro_users WHERE phpro_username='$_POST[phpro_username]'  ");
     echo
    "<table border='1'>
    <tr>
    <th>User Name</th>

    </tr>"
    ;
      
      while (
    $row mysqli_fetch_array($result))
     {
     echo
    '<form method="post" action="update.php">' ;

     echo 
    "<tr>" ;
     echo 
    "<td>" $row['phpro_username'] . "</td>" ;
     echo 
    "<td>" ;
    echo 
    "Id: <input type=\"text\" name=\"id\" value=\"{$row['phpro_user_id']}\" /> " ;
     echo 
    "&nbsp;&nbsp; New Password:&nbsp;&nbsp;<input type='text' value=\"{$row['phpro_password']}\" name=\"password\"/>" ;
     echo 
    "&nbsp;&nbsp;State:<input type=\"text\" name=\"state\" value=\"{$row['state']}\" /><br />" ;
     echo 
    "&nbsp;&nbspPost Code:<input type=\"text\" name=\"Post_code\" value=\"{$row['Post_code']}\" />";
    echo
    " <center>Description:<br><textarea name=\"description\" rows=\"15\" cols=\"90\">".$row['description']."</textarea></center>\n";
    // Note that we are building our src string using the filename from the database
                            
    echo "<img src=\"images/" $row['filename'] . "\" alt=\"\" / width=\"90\" height=\"90\">' </a><br />";
    echo
    "<a href=\"test/test3.php\">Up load Your Photo</a>" ;
     echo 
    "<br />" ;
     
     }
     echo
    '<input type="submit" value="UpDate Your Account"></form>';
    echo
    '<a href="logout.php?status=loggedout">Log Out</a>';
     

     
    ?>
    </body>
    </html>
    any help would be great thanks heaps.
    Last edited by bradgrafelman; 08-27-2013 at 11:54 AM. Reason: bbcode tags added

  2. #2
    Pedantic Curmudgeon Weedpacket's Avatar
    Join Date
    Aug 2002
    Location
    General Systems Vehicle "Thrilled To Be Here"
    Posts
    21,840
    If you're talking about sessions, I see nothing in members.php that mentions sessions at all. You have to tell a script to use sessions if you want it to use sessions.
    THERE IS AS YET INSUFFICIENT DATA FOR A MEANINGFUL ANSWER
    FAQs! FAQs! FAQs! Most forums have them!
    Search - Debugging 101 - Collected Solutions - General Guidelines - Getting help at all

  3. #3
    Junior Member
    Join Date
    Aug 2013
    Posts
    2
    hi yes i have session start() at the top of the page i just forgot to copy it . it is like this

    session_start();

    if(!isset($_SESSION['user_id']))
    {

    this is on top of the member.php
    $message = 'You must be logged in to access this page';
    }

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •