I have an admin section to one of my websites I am building.
The variables it logs in by is email address and password.
Obviously each email address is unique to each admin, although I do have an 'admin_id' column which increments automatically per row.
The other columns stored within my admin table are - First Name (String), Last Name(String), Level(int).
I have tried -
$_SESSION['admin_id']=$_GET['admin_id'];
But when I try and simply echo the id, nothing is displayed.
Yet this line of code:
if(!isset($_SESSION['admin_email']))
die("<meta http-equiv='refresh' content='0; url=login.php'> ");
Manages to get the 'Admin_email' column from the table.
I am confused as to how to add other columns into my session data.
Many thanks in advance.
I have figured out why the 'admin_id' was not successful in been retrieved from the database.
The login.php where the admin first must authenticate themselves from is where the session data is saved - for it to be used in the admin session once logged in.
In order to solve this, I added the following line within the login.php (whilst the email address were been retrieved from the database):
$dblevel = $row['level'];
and then to save it to a session:
$_SESSION['admin_level']=$dblevel;
I logged out and then back in to reinitiate the session and it worked.
Related
I have mysql database with two tables. The primary table contains the user login details and the secondary table contains user activities. The tables are linked by the account numbers.
I have created registration page and sign in page where users register and login. Users are displayed with a home page with two buttons.
When users clicked on the button, it is supposed to run a query based on the user login credentials. The query looks like this:
$result = mysql_query("select mydate, preamount, currentdeposit,
debit, currentinterest, totalamount, status from NormalAccount where
acctnumber = '$actno'n ORDER BY mydate DESC LIMIT 5");
Because I need to filter based on the user account number, I have design a form where they will need to enter their account number again. This makes the whole process looks like double work and users are complaining about the whole process of entering information twice.
WHAT I WANT:
How do I write the query such that the query will populate the user credentials automatically so that they need not to enter their account number again before viewing their account details?
I have a session on the pages already that enables me to pull and display the user details on the page using echo such as echo acctname where it display the account name of the user in any part of the page.
I used the php with echo below to automatically display a welcome message to the users using the account name automatically. How to I integrate this code below
<?php echo $userRow['acctname']; ?>
into the WHERE clause in the main query so that it automatically populate the account name for the users so that it will filter the record based on their acctname?
I have a session on each page with this code:
<?php
ob_start();
session_start();
require_once 'dbconnect.php';
if( !isset($_SESSION['user']) ) {
header("Location: index.php");
exit;
}
$res=mysql_query("SELECT * FROM userss WHERE userId=".$_SESSION['user']);
$userRow=mysql_fetch_array($res);
?>
Thanks.
Zollyzo
I'm not entirely sure that I understand the problem, but the first time that you ask for the account number, you could store it in the $_SESSION variable the first time you receive it from the user. Then, you could just retrieve it later, even if it's on a different page.
<?php
session_start();
...
//you get the account number somehow in $actno
$_SESSION['acctNr'] = $actno
...
//later in your code, or on another page that has had session_start() run
$actno = $_SESSION['acctNr']
//use it as you would before.
If the user has logged in successfully, save their account number (and maybe other details) in a session variable. You can use that session variable for your succeeding queries so you don't need to ask the users to enter their account number again.
Basic usage: https://www.w3schools.com/php/php_sessions.asp
firstly I have two tables
1) family - stores data about family like familyid,city,homephone,address,email
etc
2) person - stores about individuals like
persontype,gender,mobile,email,firstname,lastname etc
these tables are filled while signup.
After signup,
Whenever user logins all the data from person and family
retrieved and stored in session and used anywhere in the website by session.
$person=new Person();
$account=Onlineaccount::model()->find(array('select'=>'PersonId,EmailAddress,LastLoginDate,FailedLoginCount', 'condition'=>'EmailAddress=:EmailAddress','params'=>array(':EmailAddress'=>$model->username),));
$person=new Person();
$person=Person::model()->find(array('select'=>'PersonID,FamilyId,FirstName,LastName,MiddleInitial,
MobilePhone,PrimayContact,PersonTypeCode,DateOfBirth,GenderCode,EmailAddress', 'condition'=>'PersonID=:PersonID','params'=>array(':PersonID'=>$account->PersonId),));
$familyDetails=Family::model()->find(array('select'=>'FamilyID,HomeAddress1,HomeAddress2,HomeAddress3,City,State,Zipcode,HomePhone,HomeFlag,CurrChapterCode,FinanceMasterRecID,Membersince',
'condition'=>'FamilyID=:FamilyID','params'=>array(':FamilyID'=>$person->FamilyId),));
// $session=new CHttpSession;
// $session->open();
$_SESSION['newaccount'] = serialize($account);
$familyDetails->firstName= $person->FirstName;
$familyDetails->middleName= $person->MiddleInitial;
$familyDetails->lastName= $person->LastName;
$familyDetails->gender= $person->GenderCode;
$familyDetails->dob= $person->DateOfBirth;
$familyDetails->email= $person->EmailAddress;
$familyDetails->userName= $account->EmailAddress;
$familyDetails->mobilePhone= $person->MobilePhone;
$familyDetails->registrantType= $person->PersonTypeCode;
$familyDetails->PersonID=$person->PersonID;
$familyDetails=$this->getMembershipDetails($person->FamilyId,$familyDetails);
$_SESSION['familyDetails'] = serialize($familyDetails);
Now the question is ,When user logins and in his profile he wanna change the field like lastname through update form...the lastname is updating but the updated data is not showing after refreshing also it is displaying last data because of sessions...when user logout and login the newly updated data is showing..
how to show the updated data after refresh through session in yii ..
thanks for reading and waiting for suggestions..please help me..
After updating the profile reassign the session values again. Then only you can access updated data every where in the application.
I'v got a registeration code which inserts user details into the table that I chose.
The problem is that I added a "confirm code" to the user, so every account is needed to verify his user through his mail. After the confirmation is done, the Column "confirmation" changes to "confirmed". If the user does not verify his account, the confirm code will stay in the "confirmation" Column.
The problem is that I made a table in html, which uses the DB in order to show the active users.
I don't want that the not-confirmed users will appear in the tbale, so I tried to add some conditions:
$cu = mysql_query("SELECT * FROM `users` where uname='$uname' && confirmation='confirmed'");
$cu = mysql_fetch_array($cu);
and another one :
$select2 = mysql_query("SELECT * FROM `users` WHERE uname='$uname' && confirmation='confirmed'");
It's working.. but only half way. I mean, when the not-confirmed user tries to log in, it shows him a blank page. It's ok, cuz I don't want the non-confirmed users will log in.
But... the confirmed users still see the not-cofirmed users in the active users table..
It's like the table doesn't even checks if the user is confirmed or not, it's just shows him either way.
So I thought about a way in which users will move to another table, called "hold", which will consist of all the non-confirmed users. Then, every user who will verify his account, the sql will recognize it and when the confirmation columm is changed to "confirmed", it's going to move the user to the "users" table, so his name will appear in the active user table.
How can I do it? How can I "make" the sql table to auto recongize if the user is confirmed or not, and move him to another table..
or.. if is there any way to "hide" the not-confirmed users from the active users table, it's also fine.
Thanks alot :)
Basically either you need to setup a cron which check if the user is not confirmed then move to hold tabe or write a trigger in mysql whenever any user got confirmed.
You can get the last result and insert after the last result.
See this example:
$sql = mysql_query("
INSERT INTO tabel_name(col1, col2,col3) values('foo','bar','some');
INSERT INTO table_name2(col,col2) SELECT col2,col3 FROM tabel_name
ORDER BY id DESC LIMIT 1;
");
I'm confused on how to do this. Say the user creates an account with my ecommerce website, and then starts adding products into their basket. If I store the users username and password in a database table, and use sessions/cookies to manage the products in their shopping basket, what would I need to do in order to connect the users shopping basket to their account, so that when they log in they will be able to see the items they had previously stored?
Do I first allow the user to login, query whether they logged in successfully, and then make a session/cookie variable for their username? Or do I have to store the users cart items in a database and connect it with the user accounts table?
I'm confused with how to store a shopping baskets items into a table. Is that even the right way to do it?
There's no code yet, I want to create the databases correctly before I start coding and just need some advice. Thank you
If you have two tables, one for the users and one for the items, you can do something like the following.
Manage current basket items by adding to and removing the item_ids into a serialized array, which you can store in your users table AND the session at the same time, keeping them in sync. For example, if a user visits your store for the first time (not logged in, and empty shopping basket), you can create the session like so.
session_start();
We start the session.
if (isset($_SESSION['current_basket']) {
$current_basket = unserialize($_SESSION['current_basket']);
} else {
$current_basket = array();
}
Because this is the first time our visitor has visited our page, the session variable current_basket will not be set, meaning the above if statement will not run and instead just create an empty PHP array in a variable called current_basket.
Now, when the visitor adds an item to the basket, we just need the item's ID in your database and add it into the current_basket array.
$current_basket[] = $item_id;
Then we immediately update the session variable with the new array, serializing it in the process.
$_SESSION['current_basket'] = serialize($current_basket);
You now have a proper, usable array with all the product IDs for that person's shopping basket.
Now, let's pretend the user was logged in. We'd check for that and only add one more step.
$sql = "UPDATE users SET current_basket=" . serialize($current_basket) . " WHERE id=$user_id"
// Execute that query.
There, now that same array is in the database which you can then pull and set as a session variable when the user logs in.
You can run these series of steps everytime a product is added or deleted, keeping it updated both in the session and the database.
This is obvisouly a very watered down concept for the sake of explaining. Obviously, you'd need to manage the array better. For example, not adding a product to the basket if it's already there, removing items from the array...etc.
The key is to serialize the array, and store in the session always, and in the users table if the user is logged in.
Then when the user comes back and logs in, you can set the array in the session for them using the array in the database from when they were last on your site.
I would have the cart table cart_id / user_id / date_time_created then an item table indexed on the cart_id.
Also add a way to dump the cart_id and items out of the tables after so many hours or days otherwise your database will get huge.
And let your end users know that the items will be dumped after x amount of time.
i created a table in the database (mysql),and i write a code for inserting data in the datbase using php.values are inserted properly.here i set the status column value as deactive.when user created in that time ,we send a mail to the user to active the link ,means my site and then status column has to changed as active.
my db table contains the following columns
name,email,pwd,status,lastlogin,security qun,ans
when user is created in that time i set the status as deactive.in that time i want to sent a mail(in this mail,i want to send the link to their account) to the user to active their account ,then only user goes to the next process.after that when user open the mail & click that link,the status column has to changed as active in the database.how can i do this,anyone help me..
one way to solve the problem is:
make the field 'status' as varchar not int.
when you are inserting user information for the first time, make a random string and insert it in the status field.
say your random string you have created is 'lka342lkjasd8234kl2324ljklj2'. send the link with the string as a parameter.
when the link is clicked in the script check the verification string matches the value in your status table.
if it matches then show message that his account is verified and change the value of the field to 1 (as 1 indicates a active account)
if the string doesn't matches then show message the verification link is wrong.
in another way you can make another table for storing verification string. and make the status fiend an integer. set 0 initially and make it 1 when verified, and check the verification with the new table.
You can create column called activation_code, send an email to user with link, which will contain this activation_code. Link like this www.example.com/active.php?activation_code=AABBCCDDEEFF, when user click this link you can get activation_code, find a user at database and change status. Also you can create column activation_expires which will contain a date when activation code will expire.