I am new to php.
I want to use form data that are sent through <form method="POST" action="formdata.php"> to formdata.php be used in another file called main.php. For this I ucerated session variables in formdata.php
Hers's my code in formdata.php
<?php
session_start();
include_once("connect.php");
$n=$_POST['name'];
$p=$_POST['password'];
$sql=mysql_query**strong text**("SELECT * FROM member WHERE `userName`='$n' AND `password`='$p'");
if(mysql_num_rows($sql)==1){
$_SESSION['user']=mysql_fetch_array(mysql_query("SELECT * FROM member WHERE `userName`='$n' AND `password`='$p'"));
if($_SESSION['user']){
$user=$_SESSION['user'];
$_SESSION['userN']="$user(['userName'])";;
$_SESSION['level']="$user(['level'])";
//header("location:mainPage.php");
echo $user['level'];
echo $_SESSION['level'];
}
}
else{
echo "invalid user name or password" ;
}
?>
But when I echo $user['level'];
echo $_SESSION['level']; all I get printed is 3Array(['level']). Here echo $user['level'] gives the desired out put 3, but echo $_SESSION['level'] gives an array as Array(['level']). What can I do to make it print 3?
My next question is I want to use this level value in another php file (main.php). I lerant that session variables are global. So can I use $user['level'] or should I use $_SESSION['level']. In main.php I want to check the condition
if($user['level'] == 3) {
echo "level 3 user";
}
The issue is this line: $_SESSION['userN']="$user(['userName'])";;
You're setting $_SESSION['userN'] equal to whatever $user is in string form which is Array, and (['username']).
Why are you even setting userN? $_SESSION should already contain the user in question, and you can just retrieve it anywhere to get the contents.
This should be all you need:
<?php
session_start();
include_once("connect.php");
$n=mysql_escape_string($_POST['name']);
$p=mysql_escape_string($_POST['password']);
$sql = mysql_query("SELECT * FROM member WHERE `userName`='$n' AND `password`='$p'");
if(mysql_num_rows($sql)==1)
{
//You can reuse the original $sql here. No need to run another query.
$_SESSION['user']=mysql_fetch_array($sql);
//If mysql_num_rows($sql) returns 1, $_SESSION['user'] should always be equal to a user array (Which is true).
header("location:mainPage.php");
}
else{
echo "invalid user name or password" ;
}
?>
On the other page (mainPage.php), just use session_start(), and check to see what is inside $_SESSION. This script should give you a jump start:
<?php
session_start();
print_r($_SESSION);
//This will get the level you're looking for
$level = $_SESSION['user']['level'];
?>
It should contain the user/level and any other information you need.
Related
This is a fragment of my code, that get all users from Active Directory (some fields). The first column (user_name) is a reference to the page2.php where I can see User profile more detail. The problem is page1.php passes only last values of the link from the cycle. How can I do that, any dynamic link of the user passes its information. Could you help me? Thanks. $info is an array of LDAP data.
Here is my code:
<?php for ($i=0; $i<$info["count"]; $i++) {
$res=$info[$i];
$m_name=$res["displayname"];
$m_title=$res["title"];
$m_dep=$res["department"];
$m_tel=$res["telephonenumber"];
$m_mail=$res["mail"];
?>
<?php echo '<div class="column"><h5>'.$m_name[0].'</h5></div>'?>
<?php echo '<div class="column"><h5>'.$m_title[0].'</h5></div>'?>
<?php echo '<div class="column"><h5>'.$m_tel[0].'</h5></div>'?>
<?php echo '<div class="column"><h5>'.$m_tel[0].'</h5></div>'?>
<?php echo '<div class="column"><h5>'.$m_mail[0].'</h5></div>'?>
<?php } ?>
Depending on exactly what you are trying to do, you can do it in two ways. Based on what you described, and your comment about Sessions, you can pass information from page to page using a session.
http://php.net/manual/en/session.examples.basic.php
session_start();
$_SESSION['displayname'] = $res["displayname"];
$_SESSION['title'] = $res["title"];
$_SESSION['department'] = $res["department"];
$_SESSION['telephonenumber'] = $res["telephonenumber"];
$_SESSION['mail'] = $res["mail"];
And then on Page2, read the values back or use them directly on the page:
$name = $_SESSION['displayname'];
or
echo 'Hello ' . $_SESSION['displayname'] . ' how are you?';
But if Page1 is a list of all users, how would you determine what information to store in the session for passing to Page2?
It would make more sense to me to use GET parameters to pass information from page to page. So, for example, if Page1 is a list of all users, and Page2 information about a single user, you could structure your loop like this:
<?php for ($i=0; $i<$info["count"]; $i++) {
$res=$info[$i];
$m_name=$res["displayname"];
$m_title=$res["title"];
$m_dep=$res["department"];
$m_tel=$res["telephonenumber"];
$m_mail=$res["mail"];
?>
<?php echo '<div class="column"><h5>'.$m_name[0].'</h5></div>'?>
<?php echo '<div class="column"><h5>'.$m_title[0].'</h5></div>'?>
<?php echo '<div class="column"><h5>'.$m_tel[0].'</h5></div>'?>
<?php echo '<div class="column"><h5>'.$m_tel[0].'</h5></div>'?>
<?php echo '<div class="column"><h5>'.$m_mail[0].'</h5></div>'?>
<?php } ?>
The unique ID from LDAP is just that. Something unique to that user that you can use to search on Page2 and pull out all of the details you want to print. It should be present in your $res array already.
So Page2 would have something like this at the top:
if(!isset($_GET['id']){
//Give an error if the ID isn't in the URL
}
$id = $_GET['id'];
$result = loadFromLDAP($id);
//Do stuff with the resulting $result array
loadFromLDAP being a function you would write to get details about a user from LDAP. Hope this helps get you on the right track.
I'm new to php.
I have this page:
<?php
function renderForm($id, $StaffFullName, $StaffJobPosition, $error)
{
?>
<!doctype html>
<html>
<head><title></title></head>
<body>
<?php
// if there are any errors, display them
if ($error != '')
{
echo '<div>'.$error.'</div>';
}
?>
<form action="" method="post">
<input type="hidden" name="id" value="<?php echo $id; ?>"/>
<div>
<p>ID: <?php echo $id; ?></p>
Name: * <input type="text" name="StaffFullName" value="<?php echo $StaffFullName; ?>"/><br/>
Job Position: * <select name="JobPosition">
<?php
$query = "SELECT * FROM LUT_JOBPOS";
$result = mysqli_query($connection, $query);
while($row = mysqli_fetch_assoc($result)){
if ($StaffJobPosition == $row['JobposID'])
{
echo "<option value='{$row['JobposID']}' selected='selected'>{$row['JobposTitle']}</option>";
}
else {
echo "<option value='{$row['JobposID']}'>{$row['JobposTitle']}</option>";
}
}
$result->close();
?>
</select><br/>
<input type="submit" name="submit" value="Update">
<input type="button" onClick="parent.location='view.php'" value="Back">
</div>
</form>
</body>
</html>
<?php
}
// connect to the database
require_once('../../authenticate.php');
// check if the form has been submitted. If it has, process the form and save it to the database
if (isset($_POST['submit']))
{
// do some funky stuff
}
else
// if the form hasn't been submitted, get the data from the db and display the form
{
// get the 'id' value from the URL (if it exists), making sure that it is valid (checking that it is numeric/larger than 0)
if (isset($_GET['id']) && is_numeric($_GET['id']) && $_GET['id'] > 0)
{
// query db
$id = $_GET['id'];
$query = "SELECT * FROM STAFF WHERE StaffID=$id";
$result = mysqli_query($connection, $query);
$row = mysqli_fetch_assoc($result);
$result->close();
// check that the 'id' matches up with a row in the database
if($row)
{
// get data
$StaffFullName = $row['StaffFullName'];
$StaffJobPosition = $row['StaffJobPosition'];
// show form
renderForm($id, $StaffFullName, $StaffJobPosition, '');
}
else
// if no match, display result
{
echo "No results!";
}
}
else
// if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error
{
echo 'Error!';
}
}
?>
So, what happens here is this:
When you open the page like edit.php?id=1, it fetches the data of the associated record from STAFF table and shows them on page for the user to edit them.
This part of the code works fine.
I also want the user to be able to select "Job Position" possible values from a drop down box. The drop down box should get its data from another table in database, LUT_JOBPOS.
This is the part of the code that doesn't work.
I was using mysql_query commands before on this page and it worked perfectly. However I was told to switch on mysqli_query instead.
Since I did the conversion I can't find how to run these two queries on the same script.
I messed a little bit with the require_once command and depending on where I call it I can run one query or another, but never both of them.
Looking at the logs of my web host the only thing I can see that may be relevant to my issue is:
"mod_fcgid: stderr: PHP Notice: Undefined variable: connection in /var/www/vhosts/myhostdomain.com/httpdocs/prod15/admin/staff/edit.php on line 24"
The connection variable comes from authenticate.php and it holds the connection parameters to the database. I'm sure it's set otherwise the first query (that gets the user data) wouldn't work.
I read somewhere that you can't run two sqli queries on the same script.
Then how I'm supposed to use a LUT table (lookup table)?
PS: I know that for showing the data I can use a UNION and that's what I do.
But when I edit the data I want the user to be able to select only from the possible values that exist on the LUT table (drop down select box)
Any help?
You have a lot of issues in your code. You really need to review it before use it in some real application, but for your specific problem, here is my guess.
You are calling the line $result = mysqli_query($connection, $query); in the line 24 and only after taht you call require_once('../../authenticate.php');.
As you said, the $connection var is defined in the authenticate.php, so in the line 24 is undefined.
Try to use require in the first line of your php script.
I am displaying the user names as links on a php page like this which on clicking navigates on particular user home page:
$msql=$db->prepare("SELECT * from users where id=? order by id desc");
$msql->bind_param("i",$user_id);
$msql->execute();
$msql = $msql->get_result();
$msql = $msql->num_rows;
while($usercount=$msql->fetch_assoc())
{
$Email = $usercount['email'];
$FirstName = $usercount['first_name'];
$LastName = $usercount['last_name'];
?>
<strong><?php echo $FirstName.' '.$LastName;?></strong>
<?php
}
?>
And for the navigation to the user home page on clicking the link, I am using like this :
<?php
if(isset($_GET['navigate']) && $_GET['navigate'] == "true"){
$_SESSION['email'] = $Email;
header('location: nextpage.php');
}
?>
So my page looks like this as link
user1
user2
user3
.
.
.
usern
My issue is whenever I click on any of the links it always stores the first email in the session variable.
So, if I output the SESSION in nextpage.php
echo $_SESSION['email'];
it always echoes the first link email.
My guess for this because of the while loop I am using it always picks up the first link data and stays with it, but my question is how do i get the data for others as well. I want to navigate to that user page for which the link is clicked and that can only be done if I get the correct email on clicking the link.
As you said id is not primary key, and i assume that your same id will contain different emails, you have to do below changes:-
<?php
$msql=$db->prepare("SELECT * from users where id=? order by id desc");
$msql->bind_param("i",$user_id);
$result = $msql->execute(); // assign to a variable
//$msql = $msql->get_result(); //you are over-writing to one variable which is not correct
//$msql = $msql->num_rows; //you are over-writing to one variable which is not correct
while($usercount=$result->fetch_assoc()){
$Email = $usercount['email'];
$FirstName = $usercount['first_name'];
$LastName = $usercount['last_name'];
?>
<strong><?php echo $FirstName.' '.$LastName;?></strong> <!-- send mail id to the url too otherwise how's you will get the email id to save it into SESSION-->
<?php } ?>
AND
<?php
if(isset($_GET['navigate']) && $_GET['navigate'] == "true"){
$_SESSION['email'][] = $_GET['email']; // assign each mail to SESSION ARRAY not SESSION variable
header('location: nextpage.php');
}
?>
AND
echo "<pre/>";print_r($_SESSION['email']); //to see all emails.
Note:- You have to write session_start(); on top of your php page just after <?php if you want to work with SESSION on that page.
this is login.php and its header location is index.php and i want to store session id on index page but nothing has been shown
<?php
#extract($_POST);
include("config.php");
$sql="select password,name,us.id as uid from us left join tblblo on (tblblo.maker=us.id) where name='$websitename' and password=md5('$password')";
$result=$db->query($sql);
if($count=mysql_num_rows($result)>0)
{
$row=mysql_fetch_assoc($result);
$_SESSION['name']=$row['name'];
$_SESSION['id']=$row['uid'];
header("location:http://".$_SESSION['name'].".domain.com");
}
else
{
//$_SESSION['sess_msg']="Invalid Web Name or Password!Try Again.";
//header("location:https://domain.com/login.php");
//exit;
}
?>
i want to store session id on index page but nothing has been shown
1) It's always good to write session_start(); in the very beginning of your code before outputting anything else..
<?php
session_start();
#extract($_POST);
include("config.php");
2) You're mixing up the deprecated mysql API's with the object_oriented ones.
Change this:
if($count=mysql_num_rows($result)>0)
{
$row=mysql_fetch_assoc($result);
$_SESSION['name']=$row['name'];
$_SESSION['id']=$row['uid'];
To this:
$count = $result->num_rows;
if($count > 0)
{
$row = $result->fetch_assoc());
$_SESSION['name']=$row['name'];
$_SESSION['id']=$row['uid'];
3) this is login.php and its header location is index.php and i want to store session id on index page but nothing has been shown
I think what you meant was to use/echo the session values on index.php rather store?
on your index.php (after successfully storing the sessions on login.php):
<?php
echo $_SESSION['name'];
echo $_SESSION['id'];
?>
I want to create session for the record tag_id here is my sql code please help me how i create session for this value..
<?php
$sql_tagid=mysql_query("SELECT * FROM tag_new WHERE EMAIL_ID='$sessionemail' AND CUST_ID='$id'") or die(mysql_error());
while($tagid=mysql_fetch_array($sql_tagid)){
echo $tagid['tag_id'];
}
?>
First you need to start session
session_start();
after that add variable to session
$_SESSION['tag'] = $tag['tag_id']
after that you can check by print session
print_r($_SESSION); you value in session or not
$_SESSION['tag'] = $tagid['tag_id']
Try this, if you have mutliple tag id then use it $_SESSION['tag_id'][], if you have only one $_SESSION['tag_id']
session_start();
while($tagid=mysql_fetch_array($sql_tagid)){
$_SESSION['tag_id'][] = $tagid['tag_id'];
}
var_dump($_SESSION['tag_id']);
<?php
session_start(); // To assign a session variable you have to start the session
$sql_tagid=mysql_query("SELECT * FROM tag_new WHERE EMAIL_ID='$sessionemail' AND CUST_ID='$id'") or die(mysql_error());
while($tagid=mysql_fetch_array($sql_tagid))
{
$_SESSION['tag_id'] = $tagid['tag_id']; // assign tag_id value to session variable
echo $tagid['tag_id'];
}
?>
For getting the value of session on another page say page1.php then you have to do :-
page1.php
<?php
session_start();
echo $_SESSION['tag_id'];
?>