Member Avatar for itsmecisz

Hi There,

Ive been searching everywhere in google but i got nothing. What i need is to be able display user datail after he login on a certain textbox

Login.php page code:

<?php
session_start();
ob_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

</head>
<body>
        <?php


            //This displays your login form
            function index(){

            echo "<form action='?act=login' method='post' id='login'>" 
            ."&nbsp;&nbsp;Username:&nbsp;<input type='text' name='username' size='30'><br/><br/>"
            ."&nbsp;&nbsp;Password:&nbsp;&nbsp;<input type='password' name='password' size='30'><br/><br/>"
            ."&nbsp;&nbsp;<input type='submit' value='Login' id='submit'><br/>"
            ."</form>"; 

            }

            //This function will find and checks if your data is correct
            function login(){

            //Collect your info from login form
            $username = $_REQUEST['username'];
            $password = $_REQUEST['password'];


            //Connecting to database
            $connect = mysql_connect("localhost","user","pass");
            if(!$connect){
            die(mysql_error());
            }

            //Selecting database
            $select_db = mysql_select_db("db_name", $connect);
            if(!$select_db){
            die(mysql_error());
            }

            //Find if entered data is correct

            $result = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
            $row = mysql_fetch_array($result);
            $id = $row['id'];

            $select_user = mysql_query("SELECT * FROM users WHERE id='$id'");
            $row2 = mysql_fetch_array($select_user);
            $user = $row2['username'];

            if($username != $user){

            die("Username is wrong!");

            }


            $pass_check = mysql_query("SELECT * FROM users WHERE username='$username' AND id='$id'");
            $row3 = mysql_fetch_array($pass_check);
            $email = $row3['email'];
            $select_pass = mysql_query("SELECT * FROM users WHERE username='$username' AND id='$id'");
            $row4 = mysql_fetch_array($select_pass);
            $real_password = $row4['password'];

            if($password != $real_password){
            die("Your password is wrong!");
            }



            //Now if everything is correct let's finish his/her/its login

            session_register("username", $username);
            session_register("password", $password);


            $url='/user_index.php'; 
            echo '<META HTTP-EQUIV=Refresh CONTENT="0; URL='.$url.'">';  


            }

            switch($act){

            default:
            index();
            break;

            case "login":
            login();
            break;

            }
            ?>  

</body>
</html>

I need the details from the user database to be display is the data from "station" col_name.

report.php code

<?php
session_start();
ob_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

</head>
<body>

                    <form action= "insert.php" method="post" enctype="multipart/form-data">


                    <label for='station'>Station: </label> 
                    <!-- on this station text box where i want to put $_SESSION["station"] that will automaticaly called from the user db and send info on report db--> 
                    <input type="text" name="stations" size="60" height="100" maxlength="50">
                    <br>
                    <label for='title:'> Title: </label>
                    <select name="title">
                    <option value="">Select...</option>
                    <option value="personnel_profile">Personnel Profile</option>
                    <option value="Monthly Fire Incidents Reports">Monthly Admin Report</option>
                    <option value="Reports">Weekly Admin Report</option>
                    <option value="Reports"> Weekly Activities</option>
                    <option value="Reports">Fire Code Fees</option>
                    <option value="Reports"> Inspection Report</option>
                    <option value="Reports"> Fire Incident Report</option>
                    <option value="Reports">Fuel Consumption Report</option>
                    </select>
                    <label for='detail'>Detail: </label>
                    <textarea name="detail" rows="10" cols="45" maxlength="1000"></textarea>

                    <script type="text/javascript">
                    function show_confirm()
                    {
                    var r=confirm("Do you wish to send the file");
                    if (r==true)
                      {
                     return true;
                     alert("File has been sent!");
                      }
                    else
                      {
                     return false;
                      }
                     return false;
                    }
                    </script>
                    Please choose a file: <input name="uploaded" type="file" />
                    <input type="submit" value="Upload" onclick='return show_confirm();'/>
            </form>

</body>
</html>
  • 4 Contributors
  • 3 Replies
  • 256 Views
  • 18 Hours Discussion Span
  • Latest Post Latest Post by Caeon
Member Avatar for LastMitch

Ive been searching everywhere in google but i got nothing.

What are you searching for?

It's not like it's something that you can add on to a php code.

You need to created it.

My question is did you write this code?

If so, explain to me where is your query for that?

I don't see any query related to stations?

Member Avatar for Webville312

First, upon login, fetch the users' details and assign them to sessions like this;

$_SESSION['firstName']=$row['firstName']; // Assuming that $row is what holds the array of results fetched from the database

Then in the page where you want to display user's details, you will add the session;

<?php
session_start();
$_SESSION['firstName']=$firstName; //Feches the session for the user's name
?>

Then you can go ahead and display the name in the textbox like so;

<input type='text' name='clientname' value='<?php echo $firstName; ?>' />
Edited by Webville312 because: Had to addd more code fragments
Member Avatar for Caeon

First and foremost.... let's talk about that first document, although unrelated to your question there is somethings that need to be addressed.

You have way too many database calls for the same exact information. Call the information once and use it multiple times. You call the user database 4 times. Do it once and make it count.

When doing logins check if the username and password match an entry. If they don't match, cause it to fail. Do not try to figure out if it was the username or if it was the password. Especially don't let the user know because they might have malicious intents.

Do not use "SELECT *". Only select the columns you are going to use. It allows for faster execution and doesn't grab unnecessary information.

Never store passwords unencrypted. Use BCrypt or something. Encrypt the given password and store that result. When logging in encrypt the password given and check that against the database to see if those match. Storing passwords is no joke. Look at all the recent news of passwords getting stolen. Oh - And don't use MD5, although better than plaintext it's not much better.

I see what you're trying to do with the switch statement for the login and page refresh, but I think there is a much easier way to accomplish what you're trying to do which isn't confusing:

<?
if ($_POST['login'])
{
    // Form was submitted. Check details and information.
    // Save session if checks out ok. Store $username and $user_id
}

if (!$user_id || !$username)
{
    // Not logged in! Write login form here
}
else
{
    // They're logged in! Put index page here!
}
?>

Now - In regards to your question with the "station". If there is a station column in the user data base you can put another sql call right above that input field.

<?
// Get station name
$sql_station = mysql_query("SELECT station FROM db_name WHERE user_id = '$user_id'");
$row = mysql_fetch_array($sql_station);
$station = $row['station'];
?>

Then just put $station as the value for the input field.

Hopefully this helped. Have a good one!

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.