user profile page generation - php

I am developing a dynamic website using PHP. When a user of the website creates an account, a profile page should be created for that user. Say, a user called 'dev23' creates an account on my website, his profile should be accessible through the link www.mysite.com/dev23
How do I create such a thing? Should I create a standard page like userprofile.php which is populated with data specific to the username provided? Or should I create a permanent webpage for every user?
Please let me know the right approach to this porblem.

Is the www.mysite.com/dev23 meant to be public or only visible to the logged in user?
If it is only visible to the logged in user, you can create a myprofile.php file which retrieves the logged in user from the session and retrieves data accordingly.
If it is meant to be a URL that other users can hit, you probably want some sort of userprofile.php page with data passed along to identify the user to be viewed. For example, the url might be www.mysite.com/userprofile.php?user=dev23. If you are using Apache for your web server, you can look at using mod_rewrite to make the URL prettier. Thus, you could have the URL www.mysite.com/user/dev23 routed to userprofile.php?user=dev23 and your PHP processes the same. It is just a means of making URLs be more user friendly than a naked query string. This is common amongst many PHP-based CMS systems such as WordPress, Joomla, etc.

Ideally you should be creating a single file that handles all users.
Certain frameworks like SkyPHP allow this by defining the attributes after a valid page as "queryfolders" which can be used much like GET/POST variables.
If you are not using a framework, I might suggest you look into using one to simplify your tasks.
SkyPHP also has a functionality where a single field in a table can be used to pull this data simply by defining the page as _table.field_name_
It will check to see if there is a matching table and field to pull the data from and will automatically pull the id of the record whose field's value matches that of the url and assign it to a variable.
Example... If we have a table called category and a field named slug, one would create a page named _category.slug_.php
Then the url... http://mydomain.com/watches would look for "watches" in category.slug and pull back the identifier of the record as $category_id with $category_slug available also.
It would solve your issue if you are willing to give it a shot.
Again refer to the documentation here... http://switchbreak.com/skyphp

Related

What kind of plugin should I use to make a whole page for one user only?

I try to make a website with multiple users of the same role on Wordpress. That may be "Informational system of hotel rooms". Every user should have an access to login page and the page for registration. But after the process of logging in the user should get own private page. In this page the subscriber should get the opportunity to review and edit the database table. But there's no exception of the fact that despite the whole list of database tables is the same by own quantity and structure of each of them, the data stored in those tables should be unique.
The uniqueness of data witnesses that I need to create a private page for every user, save for administrator. It must be private page, not post, because I'll use php snippet and html code for displaying the table with unique data.
So the question is: What kind of plugin should I use to make a whole page for one user only?

Pass Variable into Wordpress

Can someone tell me how to pass a variable into Wordpress from an incoming URL? For example, I have a visitor following this link:
http://mywebsite.com?variable=white
When they arrive at my wordpress site, I want to pull that "white" variable and store it for future use in my MailChimp list and departing links like this:
store mailchimp color
http://mySecondWebsite.com?favoriteColor=white
I want this to be temporary and specific to this user only. I understand the concept and use of session_start(), but I have no idea how to use this in conjunction with Wordpress. Any help is appreciated.
You can use the GET variables to fetch information from a URL. You can read out the $_GET array in PHP to get to your variable.
The part thats tricky, is that inside your wordpress application, you should check out if the user is logged in, and then update the users' information based on the current session. This is basically what you're looking for.
If the user is not logged in already, you can ofcourse not update his account by just that URL. You'd then need to add more info - something like a hash in the URL thats unique for this user and allows you to update a preference without logging in.

Obscuring a username with mod_rewrite

I have a website that serves up various information for users who have accounts on it by accessing information listed under a username and a category. Using the variable names, u and c, the url looks like this:
www.originalwebsite.com/user.php?u=username&c=43
I want a user-defined custom domain to remove any evidence of a username variable or variable name. Other variables (like category) are fine to remain. Ideally, this would result in the following link pointing to the one included before:
www.customdomain.com/c=43
My reasons being that the custom domain would be unique for the user and, therefore, would be remove the need to specify the user (in theory, not in practice so far) as well as presenting the site from a custom domain in a manner that looks like a single site, rather than the portal like options of the original.
I can get www.customdomain.com/u=username&c=43 to work but am trying to think of the best method to remove reference to the username when using the custom domain (both the variable identifier and the variable itself). I'm struggling to think of how I'll inform the original website of what user account to use if it's not mentioned in the url itself.
At the moment my best idea is to let user.php handle this with a condition of whether the request is from originalwebsite.com or a custom domain. If finds that it's the latter, it checks it against a database listing and finds the relevant user settings discreetly. This feels like quite a slow procedure, however.
If my example is not clear, think of sites like Tumblr, where you can add a custom domain and, from that point on, urls make no reference of your user name.
From some discussion here and further research, it seems as though there's no quickfire way of doing this. It looks like I'm stuck with either keeping some form of reference that can identify a username in the url, using a cookie or sticking with my original idea of referencing the custom domain against a database to find the appropriate user and settings.
I've gone with the database referencing option as I need to remove references to any username from the url and I can't always rely on cookies. I need a 100% success rate of correct redirection.
I've changed my user.php file to check if the request has come from originaldomain.com or newdomain.com. If it's from originaldomain.com, it looks for a username variable in the url as it should have one for any user that doesn't have a custom domain. If it comes from a different domain, it checks to see if this domain is listed in the database and finds the user from this. There's a few catches that I'll need to trial but I've got 90% of the issue solved.

Passing value to Joomla Module from another URL

I'm newbie to Joomla module development, and would like to implement a custom module for Joomla CMS.
I need to display the sales history of the logged in user. For example, a user with [username] = "US001" logged in successfully, and go to view what sales orders have done by him. And the module display the data recordset in table format by passing the "US001" as username parameter to my database and retrieve the data.
How do I detect the user logged in and then remember the [username] for the whole session?
How can I pass this [username] parameter, e.g. "US001" to my external URL for retrieving data record set? My database for every user's sales history is in another different IP's server.
After query the data, how to return back my dataset to the module and draw my table out on that module?
Additional function would be Admin's user able to control which field to be display, eg. 'age', 'e-mail', etc on the table in module.
You want to access the user object. Joomla already has most of what you need built in, you just pull up the current user and you have the info.
To start with, you will need to get the current user info -
`$user =& JFactory::getUser();`
if ($user->guest) will tell you if the user is logged in, $user->name will give you the username
You will have to pass any info from Joomla to the external URL using either GET or POST. Easiest way is to pass it as part of the URL query string (GET) external.url.com/database-page.html?username=name; ?> or similar
Again, GET or POST the values you want to use back to the page containing your module.
Not sure what you mean here, but it sounds like you need to add parameters (called form fields in 1.6 and newer) to your module so you can turn on or off the display of some of the data the module will be getting.
User object tutorial - http://docs.joomla.org/Accessing_the_current_user_object
Parameters - http://docs.joomla.org/Standard_parameter_types
Form fields - http://docs.joomla.org/Form_field
Lastly, it sounds like you would be better served creating a component instead of a module, unless you plan to display the database info you are pulling as part of another page that will be displaying the main content.

PHP Guest Access to Website

I have a PHP project is essentially an order processing website for a company. Each user in the company has access to this website and is given certain credentials to the application that control access to pages and functionality throughout.
Now I have a request to allow a guest access to a single page. The complexity of this request is that the guest will be different each time as well as the page will be different. Basically it is a portal to allow customers, who don't have accounts within the system as there is no live ordering on this site, to be able to access and verify the order and shipping information.
My thought to accomplish this is to have a database table setup as a guest relationship table that will be used to store UIDs, MD5 Hash Keys and the destination page that the record is referring to. Also included would be a visit counter and expiration date. When the user receives an email they would have a link provided in the email to somewhere like http://website.com/verify/?HASH-KEY.
When this link is clicked I expect that the verify index.php page takes in the HASH, verifies it in the database and displays the page reference in the database within this location instead of redirecting into the application. This would allow guest access to the single page without the need to expose the structure of the website or a rework of the user authorization already setup.
Am I approaching this solution in the proper manner?
How do I grab the contents of one page and display it in another?
1. Am I approaching this solution in the proper manner?
Yep, more or less.
Some pointers:
Make sure you seed hash generation randomly. For example, DON'T simply MD5 a customer ID or some other small/sequential number, as that would make it easy for a malicious use to hunt down other pages.
Expire the hashed links after a set time out.
2. How do I grab the contents of one page and display it in another?
If you want people to "access and verify the order and shipping information" you should probably create a page specifically for it, instead of trying to pass through normally secure pages to insecure guests. Ie, a 'shipping confirmation page' that populates details according the data keyed by the supplied hash.
I'm trying to a follow this as well as I can.
It seems to be you should use your hash method, and just have a stand alone page that will generate the content you want, totally separate from the rest of the system. Just put enough data in your hash URL to determine what is needed.
Something else to do is use a timestamp in your hash string URL and have that timestamp part of the random bits that you generate your hash on. This will allow you to make a URL essentially "expire" after a certain point.
Example: url.com/in/123456789865/hash-here
You can compare "123456789865" in this example to the current server time and determine if its expired. Of course you need to make "123456789865" part of your hash encryption to still validate
If I understand you correctly (and I think I do), than I think you're approaching this correctly.
To include another page's contents, you usually use include.
include "/path/to/page.php";

Categories