// LOGIN USER
if (isset($_POST['login_user'])) {
$username = mysqli_real_escape_string($db, $_POST['username']);
$password = mysqli_real_escape_string($db, $_POST['password']);
if (empty($username)) {
array_push($errors, "Username is required");
}
if (empty($password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM register WHERE username='$username' AND password='$password'";
$results = mysqli_query($db, $query);
}
$qry = "SELECT * from register";
$result = mysqli_query($qry);
$row = mysqli_fetch_array($result);
$id = $row[0];
if (mysqli_num_rows($results) == 1) {
//here i want to change session from username to id
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
}else {
array_push($errors, "Wrong username/password combination");
}
}
?>
This code is also working but i want to replace the username session to id session. Please help me how i get replace it by id.
Here i want to set session as id from username. so please help me how i have to get the solution of my code.
Just copy this Code :
replace your code
$_SESSION['username'] = $username;
to
$_SESSION['id'] = $username;
look like :
if (mysqli_num_rows($results) == 1) {
//here i want to change session from username to id
$_SESSION['id'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
}else {
array_push($errors, "Wrong username/password combination");
}
You can get the value like this, because we are get result into an array
$row = mysqli_fetch_array($result);
$id = $row[0];
Correct method is below
// LOGIN USER
if (isset($_POST['login_user'])) {
$username = mysqli_real_escape_string($db, $_POST['username']);
$password = mysqli_real_escape_string($db, $_POST['password']);
if (empty($username)) {
array_push($errors, "Username is required");
}
if (empty($password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM register WHERE username='$username' AND password='$password'";
$results = mysqli_query($db, $query);
}
$qry = "SELECT * from register";
$result = mysqli_query($qry);
$row = mysqli_fetch_array($result);
// $id = $row[0];
$id = $row['id']; //this is the primary key
if (mysqli_num_rows($results) == 1) {
$_SESSION['id'] = $id;
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
}else {
array_push($errors, "Wrong username/password combination");
}
}
?>
Just set the $_SESSION['id'] = $id.
Related
I have problem with PHP $_SESSION.
I see only "username" in index page after successfull login/register.
When I change $_SESSION['username'] to $_SESSION['password'] is also displayed.
I need to display "points" value, which is not defined by user during login/register (5 points is auto added to user after register)
How to echo values from database, which are not inserted by users?
if (isset($_POST['login_user'])) {
$username = mysqli_real_escape_string($db, $_POST['username']);
$password = mysqli_real_escape_string($db, $_POST['password']);
if (empty($username)) {
array_push($errors, "Please write username");
}
if (empty($password)) {
array_push($errors, "Please write password");
}
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
$_SESSION['username'] = $username;
$_SESSION['success'] = "Logged in ";
header('location: index.php');
}else {
array_push($errors, "Something went wrong");
}
}
}```
Try with :
...
if (mysqli_num_rows($results) == 1) {
$row=mysqli_fetch_assoc($result);
//check the data you get from the BD
var_dump($row);die;
// you'll get an array with you data where you'll find the points
// then just assign it to a session
$_SESSION['user_points'] = $row['user_points']; // for example
$_SESSION['username'] = $username;
$_SESSION['success'] = "Logged in ";
header('location: index.php');
}
...
This is my code
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM admin WHERE username='".$_POST['username']."' AND passcode='".$_POST['password']."'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) >0) {
$_SESSION['username'] = $username;
$_SESSION['username2'] = "gfgf";
$_SESSION['username3'] = $row['column_name'];
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
}else {
array_push($errors, "Wrong username/password combination");
}
}
I want to use $_SESSION['username3'] .But it is not work. what is the problem with my code. $_SESSION['username2'] is finely work.
there is a matching data in this Table too.
Try this code. You missed this line while ($row = $results->fetch_assoc()) and $password = md5($_POST['password']);
if (count($errors) == 0) {
$password = md5($_POST['password']);
$query = "SELECT * FROM admin WHERE username='".$_POST['username']."' AND passcode='".$_POST['password']."'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) >0) {
while ($row = $results->fetch_assoc()){
$_SESSION['username'] = $username;
$_SESSION['username2'] = "gfgf";
$_SESSION['username3'] = $row['column_name'];
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
}
}else {
array_push($errors, "Wrong username/password combination");
}
}
Is there a better way to write this code to where I can pull data from my id, firstname and lastname columns during login?
if (isset($_POST['login_user'])) {
$email = mysqli_real_escape_string($db, $_POST['email']);
$password = mysqli_real_escape_string($db, $_POST['password']);
if (empty($email)) {
array_push($errors, "EMAIL is required");
}
if (empty($password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM users WHERE email='$email' AND password='$password'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
$_SESSION['email'] = $email;
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
}else {
array_push($errors, "Wrong username/password combination");
}
}
}
I have a login page where user insert their username and password.
I create a session which will display the username of the user at the main page using below code.
However, instead of the username, I want to display the user's full name. How do I display the full name using $_SESSION['username']?
My table name is users and consist of column fullname, username and password.
if (isset($_POST['login_user'])) {
$username = mysqli_real_escape_string($db, $_POST['username']);
$password = mysqli_real_escape_string($db, $_POST['password']);
if (empty($username)) {
array_push($errors, "Username is required");
}
if (empty($password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
}else {
array_push($errors, "Wrong username/password combination");
}
}
}
Use db query like mysqli_fetch_assoc to get data from db
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
$row = mysqli_fetch_assoc($results );
$_SESSION['fullname'] = $row['fullname'];
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
}else {
array_push($errors, "Wrong username/password combination");
}
}
for more : https://www.w3schools.com/php/func_mysqli_fetch_row.asp
session_start();
if (isset($_POST['login_user'])) {
$Email = mysqli_real_escape_string($database, $_POST['Email']);
$Password = mysqli_real_escape_string($database, $_POST['Password']);
if (empty($Email)) {
array_push($errors, "Email is required");
}
if (empty($Password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) {
$Password = md5($Password);
$query = "SELECT * FROM Users WHERE Email='$Email' AND Password='$Password'";
$results = mysqli_query($database, $query);
$row = mysqli_fetch_assoc($results);
if (mysqli_num_rows($results) == 1) {
$_SESSION['Email'] = $Email;
$UserID = $row['UserID'];
$_SESSION['UserID'] = $UserID;
header('location: Home.php');
}else {
array_push($errors, "Wrong Email/Password combination");
}
i am able to get the Email stored in sessions but i can not get the UserID. can i also use the userID stored in sessions to add to a form?