I have this
session_start();
if ($_SESSION['email']&&$_SESSION['companyID'])
echo $_SESSION['email']."";
else
die("You must be logged in!");
and now im saving some data in database, and i want to save the companyID aswell by using createUser.php which contain these but its not saving the companyID
$userID=0;
$userRole=$_POST ["role"];
$userEmail = $_POST["userEmail"];
$userPassword = $_POST["userPassword"];
$companyID = $_POST[$_SESSION["companyID"]];
// insertion to user_details table
$sql = "INSERT INTO users (userID, email, password,companyID,roleID) VALUES
('$userID', '$userEmail', '$userPassword','$companyID','$userRole')";
Try replacing this:
$companyID = $_POST[$_SESSION["companyID"]];
For this:
$companyID = $_SESSION["companyID"];
Related
Hi this has been frustrating me for a while and I can't seem to figure out what is wrong with my code
So I currently have a database called artworks and it has 2 tables within it a artwork table and a members table ( for login including username and password )
I already have login.php that stores username and password to the members table
Now I want to get that username from members table and store it within artworks table somehow. ( I do not know why my code is not storing my username into it)
<?php
session_start();
if(isset($_POST['title'])) $title = $_POST['title'];
if(isset($_POST['category'])) $category = $_POST['category'];
if(isset($_POST['description'])) $description = $_POST['description'];
if(isset($_POST['tags'])) $tags = $_POST['tags'];
$filename = $_FILES['image']['name'];
$location = $_FILES['image']['tmp_name'];
//move the file
move_uploaded_file($location, "uploads/$filename");
//put data into database
$db = mysqli_connect("localhost", "root","", "artworks") or die(mysqli_error($db));
$_SESSION['username'] = $username;
$q = "insert into artwork values(null, '$_SESSION[username]','$title', '$category', '$description', '$tags', '$filename')";
mysqli_query($db, $q) or die(mysqli_error($db));
//redirect
header("Location:gallery.php");
exit(0);
Ive also tried $_SESSION['username'] = $username; and $_SESSION['username'] = '$username'; and it still does not seem to work
I also want to display the current logged in user's name at the bottom of the page but echo $username also does not work ..
Many Thanks
should you do this, sign the $_SESSION['username'] at login section, i mean, after you success login, you create session with name => username and sign them from query's that refer to taking username and password from table member.
because session value still store although you change page, on the next page, refer to code above, you just include it to your query string.
for example
login.php
// u get data username and password from table member and asign it to $username
session_start();
$username = "foo";//you can sign this value from query tables
$_SESSION['username'] = $username;
remember, value on session still kept.
an in other side, on
store.php => it my assume ^_^
//after that $_SESSION[username] will be sign with name foo, for example
$q = "insert into artwork values(null, '$_SESSION[username]','$title', '$category', '$description', '$tags', '$filename')";
mysqli_query($db, $q) or die(mysqli_error($db));
I have one login page and its database. i want to take the email from there and store it in another table of the same database. Code is give below please have a look and tell me.
Table 1
<?php
session_start();
$email = $_POST['email'];
$password = $_POST['password'];
include 'connection.php';
$sql = "SELECT * FROM users WHERE email='$email' AND password='$password'";
$res = mysql_query($sql);
$count = mysql_num_rows($res);
if($count == 0)
{
echo "Username Password Incorrect";
}
else
{
$_SESSION['email'] = $email;
header("location:home2.php")
}
?>
Table 2
<?php
$email= (HOW TO GET IT FROM SESSION?)
$company = $_POST['company'];
$project = $_POST['project'];
$duration = $_POST['duration'];
$key_learning = $_POST['key_learning'];
include 'connection.php';
$sql = "INSERT INTO `internship`(`id`, `email`, `company`, `project`, `duration`, `key_learning`) VALUES ('', '$email', '$company','$project', '$duration', '$key_learning')";
$res = mysql_query($sql);
$count = mysql_num_rows($res);
if($count == 1)
{
echo "Fail";
}
else
{
$_SESSION['email'] = $email;
header("location:home3.php");
}
?>
From table 1 i want to take email if using session and want to store it in table 2. How to do it?
$email= (HOW TO GET IT FROM SESSION?)
If the 2nd code block is in the same execution context as the first, you can just use the variable $email that you created.
If you're trying to retrieve data from session as the user navigates to a new page, you do:
<?php
session_start();
$email = isset($_SESSION['email'])? $_SESSION['email'] : null;
By the way, in the 2nd code block you're trying to use mysql_num_rows to analyze the effect of an INSERT query. You can't do that. According to the manual:
[mysql_num_rows] retrieves the number of rows from a result set. This
command is only valid for statements like SELECT or SHOW that return
an actual result set. To retrieve the number of rows affected by a
INSERT, UPDATE, REPLACE or DELETE query, use mysql_affected_rows().
$res = mysql_query($sql) or die(mysql_error());
if(mysql_affected_rows()){
//success
}else{
//failure
}
You should not be using mysql_ functions anyway and you should most definitely not be inserting user provided values (username, email, password) directly in your SQL statement
I have a customer details form I am trying to insert into my Customer table. The insertion isn't working, but I've identified that it's the session cookie at fault, by changing the $user_ID to a '1' and then it successfully inserted into the database. I'd really appreciate help in identifying where I've gone wrong with setting or calling my session cookie, or what I should do to get it to work. Thanks.
Setting the session cookie on login:
$sql = "SELECT User_ID, Username, Password, User_Level
FROM Account
WHERE Username = '$username' AND Password = '$password'";
$record = mysql_query($sql);
$row = mysql_fetch_array($record);
if(mysql_num_rows($record) == 0){
die(header("location: LoginFailed.html"));
}else if(mysql_num_rows($record) == 1){
$row = mysql_fetch_array($record);
$_SESSION["User_ID"] = $row["User_ID"];
$_SESSION["User_Level"] = $row["User_Level"];
header("location:Home.html");
}
else{$row = mysql_fetch_array($record);
$_SESSION["User_ID"] = $row["User_ID"];
$_SESSION["User_Level"] = $row["User_Level"];
header("location: Home.html");
}
mysql_close();
Assigning the session cookie to a variable in php:
session_start();
$user_ID = $_SESSION['User_ID'];
The insertion code used:
INSERT INTO Customer (User_ID, Forename, Surname, Address1, Address2, Town, Country, Postcode, Phone_No, Mobile, dob, Emergency_Name, Emergency_Number, Nationality, Profession, Academic_Qual, Volunteer_Reason)
VALUES ('$user_ID', '$regForename', '$regSurname', '$regAddress1', '$regAddress2', '$regTown', '$regCountry', '$regPostcode', '$regPhone', '$regMobile', '$regDOB', '$regEmergencyName', '$regEmergencyPhone', '$regNationality', '$regProfession', '$regQualification', '$regVolunteer')";
I tried an echo of the sql code and the User_ID is blank so it is failing to obtain it, at all. Really appreciate your help.
according your description,When ‘echo’ SQL , the User_ID is blank, you need check the variable $user_ID has value , and should also check table Customer field Use_ID‘s type , it’s int or varchar ? it can be null ? it's unique ? If you do not know what i say, you can post your table structure.
I'm pretty much a novice when it comes to coding, so sorry for lack of knowledge here.
I'm trying to retrive a forigne key attribute from one database table (the user's ID number) so I can then make that id a variable which will be used to save the details into another database table.
From that I can view all of the saved records linked with that user's id when they are logged in.
My problem is with getting the user ID and making it a variable to save into the database, I just can't seem to make it work. The rest of the code works if I remove the user ID but I need that to save into the table.
Here's my code:
require_once( "dbconnect.php" );
try
{
$db = getConnection();
function get_id($db)
{
$username= $_SESSION['username'];
$result = $db->query(
"SELECT userID FROM users where username='$username'");
return $result;
}
$uID = get_id($db);
$userID= $uID->setFetchMode(PDO::FETCH_NUM);
$title = $Result->title;
$desp = $Result->description;
$sql = "INSERT INTO saved (userID, title, desp
VALUES ('$userID', '$title', '$desp')";
The proper way
function get_subid($db,$username)
{
$stm = $db->prepare("SELECT userID FROM users where username=?");
$stm->execute(array($username));
return $stm->fetchColumn();
}
$userID = get_subid($db,$_SESSION['username']);
try removing the quotes around userid variable in your query :
$sql = "INSERT INTO saved (userID, title, desp) VALUES ($userID, '$title', '$desp')";
Try the following:
require_once( "dbconnect.php" );
try {
/** * ** connect using the getConnection function written in myfunctions.php ** */ $db = getConnection();
function get_subid($db) {
$username= $_SESSION['username']; //variable accessed through the function
$query = $db->query("SELECT userID FROM users where username='$username'");
$row = $query->row(); //Get's the first Row
$result = $row->userID; //Get's the field userID of this first row
return $result;
}
$uID = get_subid($db);
$title = $Result->title;
$desp = $Result->description;
// insert into database
$data = array(
'userID' => $uID,
'title' => $title,
'desp' => $desp
);
$db->insert('saved', $data);
This should be what you'd like (see the comments)
I have a registration script where the user id is saved as a session variable after registration and the user is redirected to their homepage. For some reason the user id is not being stored in the session variable. This exact same script worked on a different project, I simply took the project and changed the database connection settings and now it's not working.
Here is the registration script:
mysqli_connect($db_host, $db_user, $db_pass) OR DIE (mysqli_error());
// select the db
mysqli_select_db ($link, $db_name) OR DIE ("Unable to select db".mysqli_error($db_name));
// our sql query
$sql = "INSERT INTO seekers (first_name, last_name, username, email, password, salt) VALUES ('$firstName', '$lastName', '$username', '$email', '$hashedPW', '$salt');";
//save the updated information to the database
$result = mysqli_query($link, $sql) or die("Error in Query: " . mysqli_error($link));
if (!mysqli_error($link)) {
$row = mysqli_fetch_assoc($result);
$_SESSION['user_id'] = mysqli_insert_id($link);
$_SESSION['loggedin'] = TRUE;
header("Location: ../index.php");
}
And here is the session checking and db query on the protected page:
session_start();
if(isset($_SESSION['loggedin']) && $_SESSION['user_id'] != 'user_id') {
include_once('includes/user.header.php');
//set user_id
$user_id = $_SESSION['user_id'];
//include the logged in user header
include_once('includes/user.header.php');
//select user information according to their logged in user_id
$sql = $link->query('SELECT * FROM seekers WHERE id = "'.$user_id.'"');
$row = mysqli_fetch_assoc($sql);
//create piece name together
$firstName = $link->real_escape_string($row['first_name']);
$lastName = $link->real_escape_string($row['last_name']);
$fullName = $firstName. " " .$lastName;
//get username
$username = $link->real_escape_string($row['username']);
When I am redirected to the index.php page, everything looks fine, except none of the user information is being queried from the DB.
Can anyone see what is wrong here? I know it's got to be something little and I'm just over looking it.
Please any help would be greatly appreciated.
EDIT: All information is being stored in the database successfully as well.
You are trying to use user_id without a select query ... indeed you must get the last insert id
changed line ;
$_SESSION["user_id"]=mysql_insert_id();
and
if (!mysqli_error($link))
should be
if (!mysqli_error($result))
and
$sql = $link->query('SELECT * FROM seekers WHERE id = "'.$user_id.'"');
to
$sql = $link->query('SELECT * FROM seekers WHERE user_id = "'.$user_id.'"');