I have a site, and when I login I want to see my user id, I don't know what code to use or what to do.
And I need it in a sql code to:
mysql_query("UPDATE users SET ally='3' WHERE ID =THE CURRENT USER ID ");
Sorry for my bad English. Please help
the main concept of login is that the user logs in with his unique id.with the help of that id you have to fetch the users record.
the as per requirement write the sql as: select or update.
Related
I've noticed that the site's user profile edit form allows logged in user to take other user's id and e-mail, which is not good.
To avoid such behavior I've made the query SELECT * FROM users WHERE (username='$username' OR email='$email'); which gets all usernames, all e-mails and then PHP successfully prevents the form execution if such username or e-mail already exists.
But I've noticed that this query also gets currently logged in user's credentials and prevents the user from changing its other data in case username or e-mail are unchanged.
I've decided to exclude the current user by its ID.
I've tried SELECT * FROM users WHERE (username='$username' OR email='$email' OR id!='$id'); to exclude the current user but it still exists and prevents changes in its own profile.
What could be wrong with my query? Any help is greatly appreciated!
I actually have two same tables for users, the second one is for users who still have not activated their profiles. But I suppose there is no reason to search for ID's in that second table as the current user definitely can not wait for activation of its account. Also ID's in those two tables don't match anyway so in case I should exclude a user from the second database I must find a different approach. But I hope I shouldn't.
I do not know you specific case:
SELECT * FROM users WHERE (username='$username' OR email='$email' ) AND id<>'$id'
This query find by email or username and not retrieve by this ID
I have a coins table in phpMyAdmin and I need it to be automatically updated when a user completes a purchase via PayPal. The way it is setup is that PayPal will automatically redirect them to a link I choose.
So, how can I run a script that takes the parameters from the URL and adds a new record to the table?
Thank you for all your help.
So that link would need to be a page called something like payment_success.php
On that page you would need to have a script that looks like this:
<?php
include 'credentials.php'; /*this is a file that will contain your database connection info
Then here you will establish the connection and enter the data into the desired table*/
$var1 = 'some information collected from paypal that you want to update';
$id = 'some identifiable information about your user that can connect them to the correct row in your table';
I won't hold your hand through all this but the SQL query you would need would be:
UPDATE table_name SET column_1 = '$var1' WHERE ID = '$id'
Set the confirmation PayPal link to increment the number of coins value in the MySQL table for the particular user....!!!
I hope that will work out..... If I could get a idea of your table or some more info, I could give you a clear idea about that.
I have been googling for some time now with out success primarily because the way i am asking is most probably the wrong way.
What i want to know
I have made some PHP scripts that allow users to add data to a table (In a MYSQL datanase) and its displayed on a website, now i am working on the ability to edit and delete the entry however the script i have allow anyone to do this to anyone's entry's.
Now i don't know if there are PHP or Mysql functions that help with this, like i said my goggling has been in vain. So if i could be pointed to a webpage that has this information or better yet an example syntax chunk that will only allow the user that created the entry to modify the entry.
I am assuming there is some type of while or if statement to achieve this.
Example scenario
A user comes along adds an entry the entry is given an id can the user be linked to that id so only he can edit it ?.
Note
I am adding PHP to a word press site so as for the users login information a word press widget is controlling that however i can see the entries are still put in a database field when I'm strolling threw the databases.
What i am asking
Do you know of a webpage/example syntax or tutorial that will show me what i need to know or if ya got enough time explain it to me :).
Thanks
Ben
Update the new entry with the current user's id, where $entry_id is the ID of the new entry
$current_user_id = get_current_user_id(); // current user logged into WordPress
mysql_query("UPDATE `table` SET `user_id`='$current_user_id' WHERE `id`='$entry_id'") or die(mysql_error());
UPDATE: You could also insert the entry with the user_id at the same time with the rest of the data.
mysql_query("INSERT INTO `table` ([other column names], `user_id`) VALUES ([other values], '$current_user_id')") or die(mysql_error());
Check if the current user ID is equivalent to the allowed edit user ID in your database.
$query = mysql_query("SELECT * FROM `table` WHERE `id`='$entry_id' LIMIT 1") or die(mysql_error());
$data = mysql_fetch_array($query);
$allowed_user_edit_id = $data['user_id']; // user id who is allowed to edit
$current_user_id = get_current_user_id(); // current user logged into WordPress
if ($current_user_id == $allowed_user_edit_id) {
// Your code for editing the entry
}
I'm currently working on my private messaging system for my website and so far some of what I have to do is making sense.
I've figured I have to use the power of mysql join but have a few questions..
In my model I have started coding for my message inbox and have the following query:
"SELECT * FROM messages WHERE from_id = '$id'";
$id is basically the auto-incremented id from my users table and from_id is the same thing but in my messages table.
What I want to know is how is the message table suppose to get the from_id? I know that the from_id from the messages table and the auto-incremented id from the users table are what I will use to link both tables.. but I'm slightly stuck how to go about this.
I would rather use id's to identify the sender and receiver of a message than their username but I'm quite confused how to go about setting this up. I'm quite certain I can do it once I have an understanding of it.
depending on what auth library you are using, you will need something like this in CI:
view_messages()
{
//this check could be done in the constructor
if($this->auth->logged_in()==TRUE)
{
$userID=$this->auth->user_data('userID');
}
else
{
redirect('not_logged_in');
}
$this->load->model('message');
$messages = $this->message->get_messages($userID);
// do what you want with messages.
//print_r($messages);
}
your messages model:
function get_messages($userID=null)
{
$this->db->where('userID', $userID);
$data = $this->db->get('tblMessages');
return $data->result();
}
I'm not quite sure if I fully understand you.
You are loading the messages, within the messages table you have a column for the user id but you want to load the users name aswell with a single query?
If so than something like this would do it
SELECT {whatever you want to have} FROM users
u, messages m WHERE u.id=m.from_id
than in your SELECT claus you can retrieve the users details with u.username assuming you have a username column in your users table.
Can't you use session to save the user id when the user login?
That way you can have the user id when needed.
// ...
$fromID = $_SESSION['uid'];
INSERT INTO `message` (`from_id`, `to_id`, `time`, `message`) VALUES('$fromID', '$toID', '$time', '$message')
Of course, we haven't talk about security here, so the code's obviously not secure. But we'll leave that for another discussion. Have I kicked you in the right direction? :p
There is more to it than just knowning a little about MySQL joins. There are lots of systems you can download to get a good idea, try phpBB or some other forum software.
With Private Message systems its very easy to make something rubbish, but good ones are tough.
Remember, if your message only has one entry like the example proivided by another user:
INSERT INTO `message` (`from_id`, `to_id`, `time`, `message`) VALUES('$fromID', '$toID', '$time', '$message')
That will need to show in the Inbox of the to user, and the sent box for the from user. If the to_user deletes it, the from_user suddenly has no record of the message.
You need to create a join table to list all the attachments of users (to or from) joined to the message id. Then you can have multiple to users as well!
Messages should always exist, users just "trash" (set is_trach to 1 on their connection). When users delete from trash they delete only their connection to the message, and when the last user has deleted their connection THEN you can delete it (or get a cron job to delete orphaned messages).
hey can some one tell me query using php mysql that how to add date and time when a person logged in and logged out inside a database table.
To keep track of the last logging-in and logging-out, you need to add two datetime fields in your "user" table (or any equivalent you can have) ; for instance :
log_in datetime
log_out datetime
Then, when you have a user logging-in, you update the log_in field, with a query such as this one :
update user
set log_in = NOW()
where user_id = 123
Of course, you have to use the right table name ,the right name for the "id" field, and the right user-id ;-)
Same when you detect a user logging-out, for the other field :
update user
set log_out = NOW()
where user_id = 123
(and same notes)
As a sidenote : detecting when a user logs-in is quite easy : he has to type his login/password, or something like that, and you can put the update query in the action of the form used to deal with that...
But detecting logging-out is not as easy : if the user clicks on some "log-out" link, of course, it's easy -- but if the user just closes his browser (or leaves its computer turned on, but just leaves), you don't have any "log-out" action...
It is not easy to detect when the user logs out (close browser or restart the computer)
The solution could be add a last activity field/table to update last activity (page load/request data/view main page) of the user by adding this update on top of all files,
Finally you want to know when the user logs out (or when was the user's last activity)
that you can find from the last activity field/table.
<?php
$userid = ....;
$query = "UPDATE users SET last_activity = NOW() WHERE user_id = $userid;";
mysql_query($query) or die('Error in MySQL query : '.mysql_error());
.
. your code here
.
?>
You can save the time with an SQL query. Say that you have a column called "last_login" which is of the DATETIME datatype. Then you do this when the user logs in:
<?php
$userid = 1337; //This is an example ID
$query = "UPDATE users SET last_login = NOW() WHERE user_id = $userid;";
mysql_query($query) or die('Error in MySQL query. Here is the error message: '.mysql_error());
?>
Note that it's really hard to know when a user logs out. Most users just leave the page without logging out. You could have a field called "last_activity" that you update every time the user does something on the page, and count them as logged out when it's been five minutes since the last recorded activity.
You cannot do it so easy.
You should use session_set_save_handler feature.