I am creating a website with user register and login system. Users can give several options for in the database by registrering. But now I add a option to upload your profile pic. But I can only change that one thats mentioned in the script and not the user thats logged in. Can someone help me?
<?PHP
require_once("./include/fg_membersite.php");
require_once("./include/membersite_config.php");
if(!$fgmembersite->CheckLogin())
{
$fgmembersite->RedirectToURL("login.php");
exit;
}
?>
<?php session_start();
$_SESSION['username'] = "ademd";
?>
<?php
if(isset($_POST['submit'])){
move_uploaded_file($_FILES['file']['tmp_name'],"images/".$_FILES['file']['name']);
$con = mysqli_connect("voetbaltransfermarkt.nl.mysql","voetbaltransfer","","voetbaltransfer");
$q = mysqli_query($con, "UPDATE fgusers3 SET image = '".$_FILES['file']['name']."' WHERE username = '".$_SESSION['username']."'");
}
?>
You should use a link to profile picture in your database table to display profile picture and then in my profile page put an UPDATE query of mysql for updating link to that uploaded picture.
Related
i am creating login page where user will be redirected to his/her profile page. Profile page contains the articles of that user...
I have problem in login page, actually i want to store user id in
session from login page.. as i am storing user_email in session and it
does successfuly.. but it gives error on user_id session (undefined
index)....
addition
i want to show articles of logged in user through user_id session...
Here is the code of login page..
<?php
if(isset($_POST['login'])){
$user_email=mysqli_real_escape_string($con,$_POST['user_email']);
$user_password=mysqli_real_escape_string($con,$_POST['user_password']);
$encrypt= md5($user_password);
$check_login="select * from users where customer_email='$user_email'
AND customer_pass='$user_password'";
$run_login= mysqli_query($con, $check_login);
$row = mysqli_fetch_array($run_login);
$num = mysqli_num_rows($run_login);
$user_id=['customer_id'];
if($num==1){
$_SESSION['customer_email']="$user_email";
$_SESSION['customer_id']="$user_id";
echo "<script>window.open('index.php','_self')</script>";
}
else{
echo "This Username Doesnt Exists or Empty Login !";
}
}
?>
</div>
Step 1:
Do not forget to put session_start();
Step 2:
Change $user_id=['customer_id']; to $user_id=$row['customer_id'];
You must set $user_id only if there is a return from DB (otherwize you don't know this id)
if($num==1){
$user_id=$row['customer_id'];
// ....
}
I trying create a simple profile edit page. Don't care syntax, I've refined
<?php
$resultMember = mysql_query("SELECT * FROM member WHERE email='".$_SESSION['memberEmail']."'");
..
$oldProfilePhoto = $resultMember['pp'];
..
{ //post controll
$W = " WHERE email='".$_SESSION['memberEmail']."' AND pasw='".$_SESSION['memberPsw']."'";
if(!isset($_FILES['profilePhoto']['value'])){
mysql_query("UPDATE member SET pp='".$oldProfilePhoto."'".$W) or die(mysql_error());
}
$profilePhoto = "inc/img/".$_SESSION['memberSkype']."/".$_FILES['profilePhoto']['name'];
move_uploaded_file($_FILES['profilePhoto']['tmp_name'],$profilePhoto);
mysql_query("UPDATE uye SET pp='".$profilePhoto."'".$W) or die(mysql_error());
}
..
?>
So, Image upload (OK), oldPhotoName get (OK), user select photo sent by post (OK), in short everthing (OK) but first changed profile photo after try change profile photos is return to empty. Not added oldphoto,
If the user chooses photos, old photo is not changed.
Thank you for your interest.
Good works..
i am making my own php game. So far i have made almost everything. Now to finish it, i need to get id from user who is logged in. I'm not so familiar with the functions and sessions. Please help.
This is what i made so far:
In my index page people login. then they are redirected to this.
So $_POST['username'] is where user type his user name in index.
<?php
$username = $_POST['username'];
include("Files/config.php");
$connect = #mysql_connect(DB_SERVER, DB_USER, DB_PASSWORD);
if($connect) {
if(mysql_select_db(DB_NAME)) {
$sql = mysql_query("SELECT * FROM users WHERE `username`='$username'") or die(mysql_error());
$gatherinfo = mysql_fetch_array($sql);
global $getid;
$getid = $gatherinfo['id'];
echo $getid;
function getuid() {
$_SESSION['getuid'] = $getid;
echo $getid;
}
}
}
else{ echo "Can not connect";}
?>
I searched other scripts for this, i found on one it says just $session->uid and it shows his id from mysql.
In mysql database i have table users with info about them
Id, username, password (password is hashed), email,...
Please help me if you can :D
At the beginning of index file (where your user logging in) start named session (be careful to avoid echo or print any values before session_start:
<?php //index.php
session_name('SAMPLESESSION');
session_start();
then when you will get the logged User ID, write this value to the session variable, like this:
.....
$_SESSION['uid'] = $getid;
.....
in the script you was redirected by your index file start session with the same name and get your user ID:
<?php //redirectedfromindex.php
session_name('SAMPLESESSION');
session_start();
echo $_SESSION['uid'];
....
If I right understand you, these that you need.
There's basically pictures on my users profile page that people need permission to see.
I'm basically getting the user to click one link to open a jQuery window and then from within that jQuery window the user needs to click another link and this runs the mysql function and is suppose to insert the user_id which is the users $_session['user_id'] into the table 'ptb_permissions' and the profile id of the user whose pictures that user is trying to see.
So this means the users $profile_id needs to be inserted into 'private_id.
At the moment though only the user_id is being inserted. can someone please show me where I'm going wrong I think I'm loosing the echo at the first link, I don't think I've written the code write here:
<?php
$photo = "data/private_photos/0/_default.jpg";
if (!file_exists($photo)) {
$photo = "data/photos/0/_default.jpg";
}
$thumb = "data/private_photos/0/_default.jpg";
if (!file_exists($thumb)) {
$thumb = "data/photos/0/_default.jpg";
}
echo
"<li><img src=\"$thumb\" width=\"90\" height=\"90\" alt=\"<strong>{$profile[2]}'s Photos</strong>\" /></li>";
?>
after this link is clicked this then opens up a jquery window and the user needs to click:
Let Me See
then i run my function:
<?php
// CONNECT TO THE DATABASE
require('includes/_config/connection.php');
// LOAD FUNCTIONS
require('includes/functions.php');
require_once("includes/session.php");
// GET IP ADDRESS
$ip_address = $_SERVER['REMOTE_ADDR'];
session_start();
if (isset ($_GET['to'])) {
$user_to_id = $_GET['to'];
}
if (!isset($_GET['to']))
exit('No user specified.');
$user_id = $_GET['to'];
$sql = "INSERT INTO ptb_permissions (id, user_id, private_id) VALUES (NULL, '".$_SESSION['user_id']."', '".$user_to_id."');";
mysql_query($sql, $connection);
echo "<div class=\"infobox2\"><strong>Your message has successfully been sent.</strong></div>";
?>
I don't know, but the link syntax is not correct:
request_priv_pix.php?to=?to=...
May be:
request_priv_pix.php?to=...
Looks like you may have a typo in second link?
href="request_priv_pix.php?to=?to="
My Profile php
<?php
//profile.php
require_once 'includes/global.php';
//check to see if they're logged in
if(!isset($_SESSION['logged_in'])) {
header("Location: login.php");
}
// finding user and viewing it
$tools = new FindUser();
$user = $tools->get($_REQUEST['userID']);
?>
This is my php for viewing user profile.
http://mywebsite.com/profile.php?userID=5 its working fine in this way.
i want my code to check if user is available in database for example if i add ?userID=10 which is not present in database it gives out mysql error or even if i use http://mywebsite.com/profile.phpthen also it give error.
so now i want if user is not available in database it should give that user is not available and when we use simple http://mywebsite.com/profile.php it should give auto add it to userID=1 OR REDIRECT it to home.php
If there is other way of doing this please let me know. well im very newbie in this field
Thanks for looking my question and answering :)
Solved
<?php
//profile.php
require_once 'includes/global.php';
//check to see if they're logged in
if(!isset($_SESSION['logged_in'])) {
header("Location: login.php");
}
$UserID = $_GET['userID'];
$CheckQuery = mysql_query("SELECT * FROM users WHERE id='$UserID'");
$CheckNumber = mysql_num_rows($CheckQuery);
if ($CheckNumber !== 1)
{
header("Location: index.php");
}
// finding user and viewing it
$tools = new FindUser();
$user = $tools->get($_REQUEST['userID']);
?>
You shouldn't use MySQL As it's depreciated,
If you really wish to use MySQL You could check at the start of the script if there is a row count for the User ID, Example:
<?
$UserID = $_GET['UserID'];
$UserID = mysql_real_escape_string($UserID);
$CheckQuery = mysql_query("SELECT * FROM users WHERE userID='$UserID'");
$CheckNumber = mysql_num_rows($CheckQuery);
if ($CheckNumber !== 1)
{
// Do something If user is Not Found
// Redirect to Another Page OR Something
}
?>
than check that query give with result if it wont found data in database than redirect
$result = mysql_query(...);
if(mysql_num_rows($result) !=1){ //
header("Location:signup.php");
exit();
}
You shouldn't use MySQL As it's depreciated, either use PDO or mysqli