I already have written a login and register script. The user can login to their account edit their details etc. The details are stored in a users table which has many different data properties related to the user.
I was wondering, how do I make it so they can view their profile and it shows all the data they input. For example, if somebody with username "bob" registered and changed his data, he can click a link "view profile" and he can see his public user profile. I know how to fetch entries and display the data but my problem is I don't understand how to make a profile for my users that can be seen by others and/or themselves. I want these pages to be dynamically created for each user.
Also, if I had a page that retrieved all the recently registered members, it could link to their profile pages.
It is a very common thing across websites and I know there are CMS's that already do this like drupal but I want to code a small controlled solution by myself. Thanks!
Make your page 'profile.php'
1) Pass id to that page using Get String. Link would be : ....../profile.php?id=3
To learn more about Get and Post Method of form submission. And how PHP handles it ($_POST & $_GET) google it.
2) In that page 'profile.php'
$id=isset($_GET['id'])?$_GET['id']:-1;
settype($id , "int");
if($id<1)
{
//wrong id, may be redirect
header('Location : another-page.php');
die();
}
// use this $id to get information from db and display the information
3) If you want to dynamically tell the person that what his profile link is:
Supposing you have $id of that person :
$link = '...../profile.php?id=' . $id;
Please consider learning basic php first. Like cookies, get, post, functions, db handling, sessions, string handling, array handling, global variables.
Well, just create a page say userprofile.php that gets a parameter called id (I assume your users have id's .. otherwise have username). If the page is called with no parameter, the page will use the current session user as the profile id and will make all fields editable, otherwise, if it's passed with say "userprofile.php?id=123", then it will display a non-editable version for other members. You can also do a check to see if the session user is the same as the one whose profile is requested, in which case, you want to make the page editable as well.
Are you looking for something like this (an amalgamation of what has been posted and some extra stuff):
$SQL = "SELECT ID, First_Name, Last_Name, User_Name FROM Users" .
"WHERE ID = " . $_GET['id'];
$con = mysql_connect('server', 'user', 'password');
$db = mysql_select_db('database_name', $con);
$result = mysql_query($SQL);
while ($db_field = mysql_fetch_assoc($result)) {
print "User ID: " . $db_field['ID'] . "<BR>";
print "User Name: " . $db_field['User_Name'] . "<BR>";
print "First Name: " . $db_field['First_Name'] . "<BR>";
print "Last Name: " . $db_field['Last_Name'] . "<BR>";
}
When you want to create a link to their user page, something like this:
print "" . $db_field['User_name'] . "";
This takes the ID you pass through from a link on a page, such as http://servername/page/list.php?ID=123 and then the above code retreives whatever information you want (via the SELECT statement) in the database. Then you just lay the information out however you want.
Related
I posted not long ago and decided to make another thread.
In our application we ask the players to create a new account, when they do we add this information to our DB.
The next step is to now grab the account they created, so that we can add more data to it. So the player creates an account with us, after this is done we then login with Google Play Services, and we now need to add info from google to the account they created, locale, id, etc
My problem here being new to php is im not sure on the correct way to do this so im asking for some guidance on it and have a couple of questions that may or may not make any sense.
When a user creates an account i now need to reference and keep a hold of this account they created so that we can easily access and edit/add info to it. How would you accomplish this?
When i need information from the database to display in the application how would i grab this info specific to the player and read it directly into unity? I think i could use the JsonEncode but im not sure if this is the most efficient way to do this.
There is more but i don't want to ask to much all at once haha.
Thanks for any and all help.
John
<?php
/// Check to make sure there is data in these fields
/// Only accept user when they have confirmed thier email
error_reporting('E_All');
include 'db_header.php';
$error = '';
$firstName = $_GET['firstName'];
$lastName = $_GET['lastName'];
$email = $_GET['email'];
$password = $_GET['password'];
$sql = "INSERT INTO Player (FirstName, LastName, Email, Password)
VALUES ('$firstName', '$lastName', '$email', '$password')";
// Here i need to make sure this is correct
if ($conn->query($sql) === TRUE)
{
$id = $conn->insert_id;
echo "Welcome " . $firstName . " You are now an Rcader! ";
}
else
{
//echo "Error: " . $sql . "<br>" . $conn->error;
$error = $conn->error;
echo $error;
}
First of all you should need to learn about the basic PHP and Unity3d integration through this simple unity3d Tut at unity wiki which is Server Side High Score.
Now come to your questions:
You should first authenticate user by asking user name and p/w in unity3d if his login is valid save its id/primary key into player prefs. Later use this player prefs value to store user specific information into database. You can also use this player prefs value to retrieve data from database. And never forget to remove player prefs values before exiting the game.
I have a database running and I'm currently printing out in a website, in a "php block" the usernames of the database. I achieved it with this
if ($db_handle) {
print "Database ISSSSS Found ";
$SQL = "SELECT * FROM `database.com`.`users`";
$result = mysql_query($SQL);
//print $result;
while ( $db_field = mysql_fetch_assoc($result) ) {
print $db_field['username'] . "<BR>";
}
mysql_close($db_handle);
}
However this gives me a giant string of all the users (I currently have 4). How do I make it so its just the individual user accessing their profile through the website
Typically, when someone logs in, you would store non sensitive information about the user in the session. This way, you can get to it quickly without needing to make database calls on every page. For instance, if you wanted to show their username in the pages header, you would always have their username handy to do so. Then, when they go to view their profile, you can use that username you stored as part of your SQL WHERE clause to pull in information pertaining only to that specific user.
Use WHERE username = 'yourusername' in your SQL query.
That shall fix your problem
I am having a php page in which i have captured different values from the previous page, There is also a print button, Which prints all these fields including the unique number. When user clicks on the print button record will be inserted in database and print window displays on the screen. But the problem is there is a unique number on html page, For example if two persons are login at the same time, The will get same unique number, and both will be able to print the same page having same unique number.
How i can control this issue, I also tried to redirect the user to the previous page but its not working.
Here is my php page, Which i am calling using ajax
<?php
$conn = mysql_connect('localhost','','') or die ("");
mysql_select_db("") or die ("Database Problem");
$query = "select * from print where a = $a;
$result = mysql_query($query);
if(mysql_num_rows($result) == 0)
{
$query = "INSERT INTO print () VALUES ()
$result = mysql_query($query) or die();
if(mysql_affected_rows()<>1)
{
header ("Location:mainpage.php?uniquenumber=xy");
}
}
you can use unisid http://php.net/manual/en/function.uniqid.php
To generate an unique id
What is this uniquenumber needed for in the client side? I mean having it accessible and editable for the users is kinda dangerous if it's an important value.
If you just need this number to tell apart the different entries in the print table, why not just use and auto_increment index for this table?
Another solution would be session variables. When a user succesfully logs in generate this unique ID based on multiple variables (username, time, browser), that will ensure there won't be repeated values for this ID. Then store the variable like this:
session_start();
$_SESSION['ID']=$unique_ID;
You can then read it in any other PHP script like this:
session_start();
$unique_ID=$_SESSION['ID'];
You can validate the unique number before inserting to database ( Before Printing also ). If the unique no is exist, throw a error message "unique no is already used " and give another unique number ( By loading the HTML Page again or doing something else ).
I have to create a database for a class and I am having trouble with one thing. In the database, a user can search for other users and choose to friend them (just like facebook). In my php scripts, I am searching my 'user' table (in MySQL) for all users that match a string entered in by the logged-in user, and providing a list of names that match the string. The logged in user can then click on the name they would like to friend, and a request is sent to that person. I am not sure how to retrieve the username and id of the name that is clicked on. For example, if the list of names that are displayed is:
Sally
Kevin
Mike
and the user clicks on Sally, how can I retrieve her username and id? In the sql query I am using, the last person is at the top of the array, so they logged in user always tries to friend Mike. Any suggestions would be great!!
The $_SESSION values are taking the last name in the array. How can I get it to take the name the logged-in user clicks on?
Or is there a better way to do this?
Here is my code so far:
$sql="SELECT uid, name FROM user WHERE name LIKE '%" . $name . "%'";
//run the query against the mysql query function
$result=mysql_query($sql);
//create while loop and loop through result set
while($row=mysql_fetch_array($result)){
$name=$row[name];
$uid=$row[uid];
//display the result of the array
echo "<ul>\n";
echo "" .$name. "";
echo "</ul>";
$_SESSION['friend_name'] = $name;
$_SESSION['friend_id'] = $uid;
}
I see you are generating the url with a name which in your case is not a key in the database. Why not send the UID itself to the friend_request.php and then use that UID to send the request to that person.
echo "" .$name. "";
Remove the $_SESSION variable, you dont need it.
In the friend_request.php, change $_SESSION['uid'] and $_SESSION['name'] to
$_GET['uid'] and $_GET['name']
You should pass the value of the friend being selected to the request that's selecting it, rather than trying to store it in session. Something like this:
echo "" .$name. "";
That way the value selected will be available to the friend_request.php script as $_GET['name'].
it depends on how you generate the persons list that user want to chose from so the list may be like :
sally
and in your php code aka makefriend.php you can get the user id and name from the db like :
$result = mysql_query("SELECT uid, name FROM user WHERE name LIKE '%" . $_get['name'] . "%'
i hope this can help .
I need something simple; I have page where a user clicks an author to see the books associated with that author. On my page displaying the list of books for the author, I want a simple HTML title saying: 'The books for: AUTHORNAME'
I can get the page to display author ID but not the name. When the user clicks the link in the previous page of the author, it looks likes this:
<?php echo $row['authorname']?>
And then on the 'viewauthorbooks.php?author_id=23' I have declared this at the start:
$author_id = $_GET['author_id'];
$authorname = $_GET['authorname'];
And finally, 'The books for: AUTHORNAME, where it says AUTHORNAME, I have this:
echo $authorname
(With PHP tags, buts its not letting me put them in!) And this doesnt show anything, however if I change it to author_id, it displays the correct author ID that has been clicked, but its not exactly user friendly!! Can anyone help me out!
You could pull the author_id from the query string as you did using $_GET but beware you will need to validate what is coming through by the query. I hope you can see that without validation how bad of a security hole this is.
I am at work at the moment, but this is a quick example that should give you what you need without sanitizing your query.
$id = intval($_GET['author_id']);
// of course, perform more validation checks
// just don't assume its safe.
$sql = "SELECT authorname FROM authors_tb WHERE author_id=" . $id;
$result = mysql_query($sql);
while($row = mysql_fetch_array($result)) {
echo "The books for: " . $row['authorname'];
}
The reason why your approach wasn't working was because you utilize the $_GET URL parameter passing for author_name where you weren't supplying the parameters in the URL, just the author_id.
You don't send it in the query string, thus you can't get it from the $_GET array.
Just request it from the database using id.
An important note: Always use htmlspacialchars() when you display the data, coming from the client side.
This is because you do not define the author name in your get.
You should make the following your url:
<?php echo $row['authorname']?>
Or rather select the data from the database again, on the new page, using the ID you retrieved from the URI.
Author name won't be in $_GET. As your code stands, you only use it as the link title. It is no where in the address. Try this instead:
<?php echo $row['authorname']?>
It would be better to re-request it from the database using the author_id though.
EDIT:
To explain the problem in more detail. You have two pages, the new.php page and the viewauthorbooks.php page. You're sending users from the new page to the view page using the link you posted, right?
The problem with that is, your link assigns one variable in get. Here's the query string it would generate:
viewauthorbooks.php?author_id=13
What that will do is send the user to viewauthorbooks and place the value '13' in the $_GET variable: $_GET['author_id']. That is why the author_id is there and displays on viewauthorbooks. However, authorname is never passed to viewauthorbooks, it isn't in $_GET['authorname'] because you never set $_GET['authorname']. If you want it to be in $_GET, then you need your query string to look like this:
viewauthorbooks.php?author_id=13&authorname=bob
You can accomplish that using the new HTML code for the link I posted above. Look at it closely, there's a key difference from the one you have now.
However, it is generally discouraged to pass data through GET, because the query string is displayed to the user and it leaves you open to injection attacks. A better way to do this would be to use the author_id you are already passing to viewauthorbooks.php to retrieve the authorname from the database again. You can use the same code you used on the new.php page.