I have a register and login code, but i don't know when the user register to automatically make user page.Can anybody help me?
web3 0 Junior Poster in Training
Will Gresham 81 Master Poster
Make a seperate page (profile.php perhaps) and use the unique field in the database (Usually an ID of some sort) in the query string, for example, profile.php?user=usersID.
In the profile.php page, pull the required data from the database and display it as required.
diafol
Just remember to protect it with a session id, so that you can't change anybody else's profile. View but not edit.
Will Gresham commented: +1, I assumed he meant a page to display info, not edit :) +2
web3 0 Junior Poster in Training
Can you show me some code examples?
nadnakinam 0 Junior Poster in Training
post your code...
web3 0 Junior Poster in Training
I now how to echo id but how to echo username, email...
This is my code for profile page:
<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="login4"; // Database name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die(mysql_error());
mysql_select_db("$db_name")or die(mysql_error());
$id = $_GET['id'];
$result = mysql_query("SELECT * FROM users WHERE id=$id");
$sql="SELECT * FROM users";
?>
<?php
echo $id;
?> web3 0 Junior Poster in Training
I now how to echo id but how to echo username, email...
This is my code for profile page:
<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="login4"; // Database name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die(mysql_error());
mysql_select_db("$db_name")or die(mysql_error());
$id = $_GET['id'];
$result = mysql_query("SELECT * FROM users WHERE id=$id");
$sql="SELECT * FROM users";
?>
<?php
echo $id;
?> Will Gresham 81 Master Poster
Many problems with your code there...
There appears to be no protection on your query at all...
Try replacing this:
$id = $_GET['id'];with this:
if (is_int($_GET['id'])) {
$id = $_GET['id'];
// Add the rest of the script here.
} else {
// Display an error message, also stop processing.
echo "Error message here";
}Also, this line $sql="SELECT * FROM users"; is redundant, it does nothing...
Instead of this:
$result = mysql_query("SELECT * FROM users WHERE id=$id");Try this I added a limit as I assume you will only be expecting one result:
$query = mysql_query("SELECT * FROM users WHERE id=$id LIMIT 1");
$result = mysql_fetch_assoc( $query );You can then call the values from the DB using $result.
So to review, your code should look similar to this:
<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="login4"; // Database name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die(mysql_error());
mysql_select_db("$db_name")or die(mysql_error());
if (is_int($_GET['id'])) {
$id = $_GET['id'];
$query = mysql_query("SELECT * FROM users WHERE id=$id LIMIT 1");
$result = mysql_fetch_assoc( $query );
echo $id;
} else {
// Display an error message, also stop processing.
echo "Error message here";
}
?>Also, as ardav said, you will need to add some logic to make sure that the user viewing this page actually has permission to do so, such as creating a session when they login, and check that a session exists when they access this page
web3 0 Junior Poster in Training
Thanks, xan!
But i still don't now how echo username or email...
Will Gresham 81 Master Poster
$result
Assuming the fields are called email and username, use the following:
$result
$result
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.