I got a problem with my post upload formula and need your help.
With this formula, I inserted data into 2 tables at same time and it worked perfectly fine. My next step was to insert the userid in the post table, so that the post is linked to the creator of the post.
Inserting the userid in the post table worked as well but after the upload, the user gets logged out.
Here is a part of my code
(I marked the code where I think there is something wrong with a "X")
session_start();
$db = mysqli_connect("localhost", "root", "", "abc");
if (isset($_POST['upload_post']))
{
$ad_post_title = mysqli_real_escape_string($db, $_POST['post_title']);
X $user_id = $_SESSION['id_u'];
X $_SESSION['id_u'] = mysqli_insert_id($db);
X $sql_p = "INSERT INTO ad_posts (post_title, user_id) VALUES ('$post_title','$user_id')";
if (mysqli_query($db, $sql_p))
{
$ad_post_id = mysqli_insert_id($db);
...
}
}
Maybe I have done something wrong with the session?
On the second line of your code you are overwriting a session variable of the users id, which I figure you're using to make sure the user is logged in, with the id of the newly inserted row.
$user_id = $_SESSION['id_u'];
X $_SESSION['id_u'] = mysqli_insert_id($db);
$sql_p = "INSERT INTO ad_posts (post_title, user_id) VALUES ('$post_title','$user_id')";
In the code you supplied I do not see are reason for this second line, remove it and your user won't be logged out, unless of course you're overwriting it somewhere else also.
You cannoT use mysqli_insert_id() before add data in the system.
I checked same code in my system and its working fine.
session_start();
$db = mysqli_connect("localhost", "root", "", "abc");
if (isset($_POST['upload_post']))
{
$ad_post_title = mysqli_real_escape_string($db, $_POST['post_title']);
$user_id = $_SESSION['id_u'];
$sql_p = "INSERT INTO ad_posts (post_title, user_id) VALUES ('$post_title','$user_id')";
if (mysqli_query($db, $sql_p))
{
$ad_post_id = mysqli_insert_id($db);
...
}
}
Related
Hi this has been frustrating me for a while and I can't seem to figure out what is wrong with my code
So I currently have a database called artworks and it has 2 tables within it a artwork table and a members table ( for login including username and password )
I already have login.php that stores username and password to the members table
Now I want to get that username from members table and store it within artworks table somehow. ( I do not know why my code is not storing my username into it)
<?php
session_start();
if(isset($_POST['title'])) $title = $_POST['title'];
if(isset($_POST['category'])) $category = $_POST['category'];
if(isset($_POST['description'])) $description = $_POST['description'];
if(isset($_POST['tags'])) $tags = $_POST['tags'];
$filename = $_FILES['image']['name'];
$location = $_FILES['image']['tmp_name'];
//move the file
move_uploaded_file($location, "uploads/$filename");
//put data into database
$db = mysqli_connect("localhost", "root","", "artworks") or die(mysqli_error($db));
$_SESSION['username'] = $username;
$q = "insert into artwork values(null, '$_SESSION[username]','$title', '$category', '$description', '$tags', '$filename')";
mysqli_query($db, $q) or die(mysqli_error($db));
//redirect
header("Location:gallery.php");
exit(0);
Ive also tried $_SESSION['username'] = $username; and $_SESSION['username'] = '$username'; and it still does not seem to work
I also want to display the current logged in user's name at the bottom of the page but echo $username also does not work ..
Many Thanks
should you do this, sign the $_SESSION['username'] at login section, i mean, after you success login, you create session with name => username and sign them from query's that refer to taking username and password from table member.
because session value still store although you change page, on the next page, refer to code above, you just include it to your query string.
for example
login.php
// u get data username and password from table member and asign it to $username
session_start();
$username = "foo";//you can sign this value from query tables
$_SESSION['username'] = $username;
remember, value on session still kept.
an in other side, on
store.php => it my assume ^_^
//after that $_SESSION[username] will be sign with name foo, for example
$q = "insert into artwork values(null, '$_SESSION[username]','$title', '$category', '$description', '$tags', '$filename')";
mysqli_query($db, $q) or die(mysqli_error($db));
I am working on a small community page where users will be able to post news, pictures, and comment on them. The problem where I am stuck is, whenever a user posts an entry, I want of course the username to be displayed next to the entry.
I am working with multiple tables here, one that stores the user info, and some that store the entry info (news, comments, pictures).
Now whenever a user posts something, I want to get his user ID out of the table USER, so that I can INSERT a new line INTO my table (in this case) NEWS, which wants the values Text, Title and U_ID as foreign key.
I am working with sessions, and since I had no problem simply displaying the name of the login user, I tried to use that user to select "his" row from the table and put the result into a variable ($uid) which I was hoping to use in another query for the INSERT INTO. However, according to the error message I get, something is wrong with my first query. Can anyone help?
<?php
include("dbconnect.php");
session_start();
if (isset($_SESSION['user'])) {
$user = $_SESSION['user'];
$sqluser = "SELECT FROM USER USER_ID
WHERE Name = '$user'";
$userresult = $conn->query($sqluser) or die($conn->error);
while($row = $userresult->fetch_assoc()){
$uid = $row["USER_ID"];
}
} else {
header('Location: login.php');
}
if (isset($_POST["title"], $_POST["text"])) {
$title = mysqli_real_escape_string($conn, $_POST["title"]);
$text = mysqli_real_escape_string($conn, $_POST["text"]);
$sql = "INSERT INTO NEWS (Titel, Text, U_ID)
VALUES ('$title', '$text', '$uid')";
}
$conn->close();
?>
I think there is mistake in your query
$sqluser = "SELECT FROM USER USER_ID WHERE Name = '$user'";
It should be like this
$sqluser = "SELECT USER_ID FROM USER WHERE Name = '$user'";
Ok .. I'm stuck. I tried several codes from topics here, but still not working for me so I need a little help please.
I want to log if a user is logged in for the first time and want to update that same record if the user returns. The update part works, but when my function is executed the first time, it insert a total blank record and a record with all the data provided by variables. The last_login column is NULL for the first vist and is nicely updated with the last login.
But what I can't figure out is why the first login creates these extra records.
Here is the function code I created:
function log_users($userId, $username, $achternaam, $district, $gemeente, $ipaddress)
{
global $connection;
$sql = mysqli_query($connection, "SELECT * FROM logfile_sap WHERE user_id = '{$userId}'");
if(mysqli_num_rows($sql) > 0)
{
$sql = "UPDATE logfile_sap SET last_login = NOW() WHERE user_id = '{$userId}'";
$query = mysqli_query($connection, $sql);
}
else
{
$sql = "INSERT INTO logfile_sap
(user_id, username, achternaam, district, gemeente, ipaddress, first_login)
VALUES
('{$userId}', '{$username}', '{$achternaam}', '{$district}', '{$gemeente}', '{$ipaddress}', NOW())";
$query = mysqli_query($connection, $sql);
}
}
So as you can see I am checking if the user already exists in the logfile_sap table and if it does NOT exist I want to insert the user (which works but with an extra row) and if the user already exists the record is updated.
This is the code I use on top of the page that needs to check and adds the data in the table:
<?php log_users($userId, $username, $achternaam, $district, $gemeente, $ipaddress); ?>
I hope some has a brighter idea than me ;-)
++++++++++++++++++++++++++++++++++++++++++++
Problem SOLVED. I had an epiphany !!!
I called my function OUTSIDE my if(isset($_SESSION['id'])) statement.
After I've put it INSIDE the if(isset($_SESSION['id'])) statement, there was only one record inserted into the table !!
Problem SOLVED. I had an epiphany !!!
I called my function OUTSIDE my if(isset($_SESSION['id'])) statement.
After I've put it INSIDE the if(isset($_SESSION['id'])) statement, there was only one record inserted into the table !!
I'm trying to add a user to the phplist database. Adding the user is working, but they're not being added to the list.
$uniqueId = md5(uniqid(mt_rand(0,1000).$email));
$adduser = "INSERT INTO phplist_user_user (email, entered, confirmed, uniqid, htmlemail) VALUES ('".addslashes($email)."', 'now()', '1', '".addslashes($uniqueId)."', '1')";
$save1 = mysql_query($adduser);
It works up to this point, but then the following code doesn't:
$getid = "SELECT id FROM phplist_user_user WHERE uniqid='".addslashes($uniqueId)."'";
$userId = mysql_query($getid);
$addlist = "INSERT INTO phplist_listuser (userid,listid,entered) VALUES ('".addslashes($userId)."','2',now())";
$save2 = mysql_query($addlist);
Why is this happening?
I suppose you didn't handle properly return of $getid query.
$getId = mysql_query ("SELECT id FROM phplist_user_user WHERE uniqid='".addslashes($uniqueId)."'");
$fetchId = mysql_fetch_array($getId);
$userId = $fetchId['id'];
Now you can use $userId variable in $addlist
No need to add user in phplist_tables , simply add in mysql -> create user phplistuser;
grant all permission to this user.
Please check phplist forums for further assistance.
I have a registration script where the user id is saved as a session variable after registration and the user is redirected to their homepage. For some reason the user id is not being stored in the session variable. This exact same script worked on a different project, I simply took the project and changed the database connection settings and now it's not working.
Here is the registration script:
mysqli_connect($db_host, $db_user, $db_pass) OR DIE (mysqli_error());
// select the db
mysqli_select_db ($link, $db_name) OR DIE ("Unable to select db".mysqli_error($db_name));
// our sql query
$sql = "INSERT INTO seekers (first_name, last_name, username, email, password, salt) VALUES ('$firstName', '$lastName', '$username', '$email', '$hashedPW', '$salt');";
//save the updated information to the database
$result = mysqli_query($link, $sql) or die("Error in Query: " . mysqli_error($link));
if (!mysqli_error($link)) {
$row = mysqli_fetch_assoc($result);
$_SESSION['user_id'] = mysqli_insert_id($link);
$_SESSION['loggedin'] = TRUE;
header("Location: ../index.php");
}
And here is the session checking and db query on the protected page:
session_start();
if(isset($_SESSION['loggedin']) && $_SESSION['user_id'] != 'user_id') {
include_once('includes/user.header.php');
//set user_id
$user_id = $_SESSION['user_id'];
//include the logged in user header
include_once('includes/user.header.php');
//select user information according to their logged in user_id
$sql = $link->query('SELECT * FROM seekers WHERE id = "'.$user_id.'"');
$row = mysqli_fetch_assoc($sql);
//create piece name together
$firstName = $link->real_escape_string($row['first_name']);
$lastName = $link->real_escape_string($row['last_name']);
$fullName = $firstName. " " .$lastName;
//get username
$username = $link->real_escape_string($row['username']);
When I am redirected to the index.php page, everything looks fine, except none of the user information is being queried from the DB.
Can anyone see what is wrong here? I know it's got to be something little and I'm just over looking it.
Please any help would be greatly appreciated.
EDIT: All information is being stored in the database successfully as well.
You are trying to use user_id without a select query ... indeed you must get the last insert id
changed line ;
$_SESSION["user_id"]=mysql_insert_id();
and
if (!mysqli_error($link))
should be
if (!mysqli_error($result))
and
$sql = $link->query('SELECT * FROM seekers WHERE id = "'.$user_id.'"');
to
$sql = $link->query('SELECT * FROM seekers WHERE user_id = "'.$user_id.'"');