Results 1 to 7 of 7

Thread: Auto filling form fields based on session login

  1. #1
    Join Date
    Apr 2008
    Posts
    21
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default Auto filling form fields based on session login

    I am trying to auto fill certain fields on a page based on the user that is logged in. I have the SESSION set but have a couple places that look at the SESSION in the page to display a form and welcome message. I want to have the $name and $lname that is in the database display in the form labeled Reviews. I cut some of the insignificant code to make it fit in this post. I have tried multiple things to make this work. If someone could look it over I would greatly appreciate it. I am very new to PHP so please explain in detail.
    PHP Code:
    <?php
    session_start
    ();
    $_SESSION['name'] = "$name";
    ?>


    <head>

    <link href="stylesheets/main.css" rel="stylesheet" type="text/css" />
    <script type="text/javascript" src="scripts/charLeft.js"></script>



    <!-- #EndEditable -->

    <!--$begin pageHtmlBefore$-->
    <link rel="shortcut icon" href="images/favicon.ico"/><!--$end pageHtmlBefore$-->
    </head>
    <!-- #BeginEditable "body" -->
    <body id="starter">
    <!-- DO NOT MOVE! The following AllWebMenus linking code section must always be placed right AFTER the BODY tag-->
    <!-- ******** BEGIN ALLWEBMENUS CODE FOR menu ******** -->
    <script type="text/javascript">var MenuLinkedBy="AllWebMenus [4]",awmMenuName="menu",awmBN="828";awmAltUrl="";</script><script charset="UTF-8" src="scripts/menu.js" type="text/javascript"></script><script type="text/javascript">awmBuildMenu();</script>
    <!-- ******** END ALLWEBMENUS CODE FOR menu ******** -->

    <!-- #EndEditable -->

    <div id="main-wrap"><div id="awmAnchor-menu"></div><div id="header">
        <img alt="" height="229" src="images/layout/ame-layout-header-starter.jpg" width="990" />
        </div>
    <div id="clear2">
        </div>

    <div id="right-column">
        <div id="right-header"><div class="right-content-head">
        <div id="login">
        <?php 
    if ($_SESSION['myusername']){ 
     echo 
    "Welcome, ".$_SESSION['myusername']."&nbsp;<a href='http://remotelystartedmn.com/logout.php'>Logout</a><br>"
     }
    else
    {
        echo 
    "<h1 class='center'>";
        echo 
    "Please Login";
        echo 
    "</h1>";
        echo 
    "<form name=\"form1\" method=\"post\" action=\"http://remotelystartedmn.com/checklogin.php\">";
        echo 
    "<table>";
        echo 
    "<tr><td>"
        echo 
    "Username:";
        echo 
    "</td><td>"
        echo 
    "<input name=\"myusername\" type=\"text\" id=\"myusername\"/>";
        echo 
    "</td></tr>";
        echo 
    "<tr><td>"
        echo 
    "Password:";
        echo 
    "</td><td>"
        echo 
    "<input name=\"mypassword\" type=\"password\" id=\"mypassword\"/>";
        echo 
    "</td></tr>";
        echo 
    "<tr><td>"
        echo 
    "";
        echo 
    "</td><td>"
        echo 
    "<input name=\"Submit1\" type=\"image\" src=\"http://remotelystartedmn.com/images/submit-btn.png\" value=\"submit\"/>";
        echo 
    "</td></tr>";
    echo 
    "</table>";
    echo 
    "</form>";
    echo 
    "Not a member yet! <a href='http://remotelystartedmn.com/register.php'>Register</a>";
    }
    ?>
    </div><!-- #BeginEditable "right-column-head" -->
        <h1>In most case<a name="iDatalink"></a>s extra parts are needed.</h1>
                <p>With the advances in today's vehicles many times additional parts 
                are needed to install a remote starter or alarm.&nbsp; This may 
                sound like a problem but with the modules I use it has never been 
                easier and safer for your vehicle.&nbsp; I use the iDatalink brand 
                bypass modules to insure a clean, safe install.</p>
                <p class="center">
                <img alt="iDatalink Multi Series Module" height="134" src="images/idata-module.png" width="180" id="img2" /></p>
                <h1>Benefits of iDatalink Modules:<br/></h1><ul id="idata"><li>Vehicle specific firmware</li>
                    <li>Updateable Online</li>
                    <li>No giving up a key for the installation</li>
                    <li>Safe DATA communication to vehicle</li>
                    <li>Less wire tapping into vehicle</li>
                    <li>Faster / Cleaner installations</li></ul>
                    <h1>To get a FREE quote 
                    <a href="index.html#Quote">click&gt;&gt;</a> to go back to our info form.</h1>
        <!-- #EndEditable --></div></div>
            <div class="right-content"><!-- #BeginEditable "right-column-content" -->
                    <!-- #EndEditable --><br /><h1>Connect with me!</h1>
                <p>
                <a href="http://www.facebook.com/?ref=home#!/pages/Remotely-Started-MN/125935220750872?ref=ts" target="_blank">
                <img alt="" height="28" src="images/facebook-icon.png" width="25" /></a>&nbsp;&nbsp;&nbsp;
                <a href="http://maps.google.com/maps/place?hl=en&amp;georestrict=input_srcid%3Ab23969e1ae99ea26" target="_blank">
                <img alt="" height="23" src="images/google-icon.png" width="24" /></a>&nbsp;&nbsp;&nbsp;
                <a href="http://www.linkedin.com/companies/961137" target="_blank">
                <img alt="" height="25" src="images/linkedin-icon.png" width="25" /></a>&nbsp;&nbsp;&nbsp;
                <a href="http://local.yahoo.com/info-64520724-remotely-started-mn-burnsville;_ylt=Apo8dQFF3MX5xprXVa04p.qHNcIF;_ylv=3?csz=Burnsville%2C+MN+55337" target="_blank">
                <img alt="" height="23" src="images/yahoo-icon.png" width="40" /></a>&nbsp;&nbsp;&nbsp;
                <a href="http://www.yelp.com/biz/remotely-started-mn-burnsville" target="_blank">
                <img alt="" height="24" src="images/yelp-icon.png" width="19" /></a></p>
        </div>
        </div>

    <div id="left-column"><!-- #BeginEditable "left column" -->
    <?php
    mysql_connect
    ("rsmnproducts.db.5881165.hostedresource.com""rsmnproducts""*******") or die(mysql_error());
    mysql_select_db("rsmnproducts") or die(mysql_error());

    // Get all the data from the "example" table
    $result mysql_query("SELECT * FROM reviews ORDER BY date DESC"
    or die(
    mysql_error());   

    // keeps getting the next row until there are no more to get
        // Print out the contents of each row into a table 
        
    echo '<div>';
            while(
    $row mysql_fetch_array$result )) {
        echo 
    '<h1 class=\'neg-marg3\'>';
        echo 
    $row['name'], '&nbsp;'$row['lname'], '&nbsp;&nbsp;&nbsp;''<span class=\'norm-text\'>','Star Rating:''&nbsp;''</span>',$row['starrate'];
        echo 
    '</h1>''<span class=\'norm-text\'>';
        echo 
    $row['date'];
        echo 
    '</span>''<p class=\'norm-text neg-marg4\'>';  
        echo 
    '&quot;'$row['comments'], '&quot;';
        echo 
    '</p>';
        }
        echo 
    "</div>";
    ?>
    <div id="leave-comment">
    <?php
    if ($_SESSION['myusername']){
    echo 
    "<form name=\"reviews\" action=\"database.php\" method=\"post\">";
            echo 
    "<table cellpadding=\"0\" cellspacing=\"6\" style=\"width: 100%; background-color:#1d1d1d\">";
            echo 
    "<tr><th colspan=\"2\">Leave Me A Review</th></tr>";
            echo 
    "<tr><td style=\"width: 50%\">First Name: *</td>";
            echo 
    "<td>Last Name: *</td></tr>";
            echo 
    "<tr><td>";
            echo 
    "<input name=\"name\" type=\"text\" value=\"$name\" style=\"width: 200px\" /></td>";
            echo 
    "<td><input name=\"lname\" type=\"text\" value=\"$lname\" style=\"width: 200px\" /></td></tr>";
            echo 
    "<tr><td colspan=\"2\">";
            echo 
    "Review: (700 characters max)*</td>";
            echo 
    "</tr><tr>";
            echo 
    "<td colspan=\"2\"><textarea name=\"comments\" onblur=\"InputLengthCheck();\"onkeyup=\"InputLengthCheck();\" style=\"width: 531px; height: 100px\" rows=\"1\"></textarea>";
            echo 
    "</td></tr>";
            echo 
    "<tr><td colspan=\"2\">";
            echo 
    "<input readonly=\"readonly\" type=\"text\" name=\"CharsTyped\" size=\"8\"/> characters typed</td>";
            echo 
    "</tr><tr>";
            echo 
    "<td colspan=\"2\">Star Rating:*&nbsp;<select name=\"starrate\">";
            echo 
    "<option></option>";
            echo 
    "<option value=\"1\">1</option>";
            echo 
    "<option value=\"2\">2</option>";
            echo 
    "<option value=\"3\">3</option>";
            echo 
    "<option value=\"4\">4</option>";
            echo 
    "<option value=\"5\">5</option>";
            echo 
    "</select></td>";
            echo 
    "</tr><tr>";
            echo 
    "<td colspan=\"2\">";
    require_once(
    'recaptchalib.php');
    $publickey "6LfnjroSAAAAAKjSZDZnnvB58IZd--47O9I-1WBF "// you got this from the signup page
    echo recaptcha_get_html($publickey);

            echo 
    "</td></tr>";
            echo 
    "<tr><td colspan=\"2\">";
            echo 
    "&nbsp;<input name=\"Submit1\" type=\"image\" src=\"images/submit-btn.png\" value=\"submit\"/>";
            echo 
    "&nbsp;<input name=\"Reset1\" type=\"image\" src=\"images/reset-btn.png\" value=\"reset\" />";
            echo 
    "&nbsp; * All Fields Required</td>";
            echo 
    "</tr>";
            echo 
    "</table>";
            echo 
    "</form>";
    }
    else
    {
    echo 
    "<h1 class=\"center\">";
        echo 
    "Please login to leave me a positive review.<br>If you are not a member yet <a href=\"register.php\">Register</a>";
        echo 
    "</h1>";
    }
    ?>
    </div>
        <!-- #EndEditable --> 
        &nbsp;</div><div id="clear"></div>
        <div id="footer-img">
        
        <img alt="" height="69" src="images/layout/ame-layout-footer-main2.jpg" width="990" /><div id="footer-content">
            <ul id="footer-menu">
            <li><a href="index.php">Home</a></li>
                <li><a href="store/index.php">Online Store</a></li>
                <li><a href="contact.php">Contact</a></li>
                <li>(612) 840-1039 </li>
        </ul>
        </div>
    </div>
         
        </div>
    <!-- Start of StatCounter Code -->
    <script type="text/javascript">
    var sc_project=5719037; 
    var sc_invisible=1; 
    var sc_partition=60; 
    var sc_click_stat=1; 
    var sc_security="929a447a"; 
    </script>

    <script type="text/javascript"
    src="http://www.statcounter.com/counter/counter_xhtml.js"></script><noscript><div
    class="statcounter"><a title="myspace profile views counter"
    class="statcounter"
    href="http://www.statcounter.com/myspace/"><img
    class="statcounter"
    src="http://c.statcounter.com/5719037/0/929a447a/1/"
    alt="myspace profile views counter" /></a></div></noscript>
    <!-- End of StatCounter Code -->
    </body>

    <!-- #EndTemplate -->

    </html>
    Last edited by djr33; 06-08-2010 at 04:45 AM. Reason: removed password from DB info

  2. #2
    Join Date
    Apr 2008
    Posts
    21
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default

    Anyone anyone!
    I found that I can make it happen if the user inputs the info into a form field upon login, but I don't know how to pull the info from the database instead of them inputting it everytime. The database holds the users name, last name and so on. just like normal they are only asked to type the username and password to login, but I want to pass the other info into the session so I can use it on other pages for them.

    Any help would be greatly appreciated!

  3. #3
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts

    Default

    I don't really get the whole picture from that post.

    $name is not set anywhere at the top of the page, yet you are using it to set $_SESSION['name']. Isn't it empty, so $_SESSION['name'] is also empty then?

    Did you mean to call it "myusername" like in the form and in the if? That might be the whole problem.

    If you are relying on "register_globals" (a setting in PHP that makes any sent form values directly into regular variables--- $_POST['varname'] becomes $varname automatically), that's a really bad idea and it's a lot better to 1) turn off register globals (it'll cause confusion at some point), and 2) use $_POST['myusername'] instead of immediately $myusername.


    So, if you just use $_SESSION['myusername'] = $_POST['myusername'] will that work?


    However, you don't want this to occur every page load. You want this to occur only if the form was sent (if they're already logged in, don't display the form, don't reset $_SESSION['myusername']).

    PHP Code:
    <?php
    session_start
    (); //start session, always at the top!
    if (isset($_POST['myusername'])) { //the username was submitted from the form
         
    $_SESSION['myusername'] = $_POST['myusername']; //store it
    }
    ///..........
    That does NOT do any sort of password verification, which should be done with the database (right?), so that's the next step. To get the basic setup working, though, that should be what you need.


    Some general pointers about your code (and to make it a LOT easier to help-- make your code easier to read):
    1. Don't echo everything. Leave the PHP code and use HTML directly. You CAN use it within PHP if/else statements, but just do it outside of the ?> .... <?php tags:
    PHP Code:
    <?php
    if (1==1) { //begin an if
    ?>
    <html>
    <?php
    //end the if
    ?>
    That will GREATLY help the readability of your code and remove the need for all of the annoying escaped quotes.

    2. As much as possible, avoid mixing PHP into the HTML. You should have a page that starts with a lot of PHP stuff: start the session, connect to the database, handle any sent forms, and do anything else that is "above" the level of the html. THEN begin your html output and as little as you can, include PHP when it's needed: have everything setup at the top, and then deal with the determined actions below. For example, at the top of your page you can set a variable called $loggedin and use that below. Or, in this case, just use $_SESSION['myusername'], but the point is that you have this all setup and you can use VERY minimal PHP within the rest of the page.

    3. Use if(isset($var)) rather than just if ($var). This is a lot clearer and it won't give you weird results like if your $var is set to 0, that'll actually be considered false, etc.

    4. Don't use quotes where you don't need them. See (1) above, but also at the beginning you use $_SESSION['name'] = "$name"; -- you don't need quotes around variables-- just use $name. In fact, it's usually a bad idea to put variables in quotes. Just keep them separate: "something".$variable; (that'll be 'somethinghello' if $variable is 'hello').

    5. This isn't a huge problem, but it's a personal preference: use single quotes (') rather than double quotes (") because that will avoid the horribly awkward need to escape everything: $var = '<tag thing="value">';. Much easier
    (Double quotes are completely valid, but they're processed more slowly than single because they also allow variables inside of them. Single quotes allow only direct text: '$hello' is equal to literally $hello, but "$hello" is equal to the value of hello.)


    Here's a reworked version of your page to give you some ideas:
    Once it's adjusted using this as reference, it'll be easier to figure out what's wrong.

    [moved to next post-- it was too long]
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  4. #4
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts

    Default

    PHP Code:
    <?php
    //here we're going to setup the whole page:

    ///start the session!
    session_start();

    ///setup a captcha:
    require_once('recaptchalib.php');
    $publickey "6LfnjroSAAAAAKjSZDZnnvB58IZd--47O9I-1WBF "// you got this from the signup page

    //connect to a database:
    mysql_connect("rsmnproducts.db.5881165.hostedresource.com""rsmnproducts""******") or die(mysql_error());
    mysql_select_db("rsmnproducts") or die(mysql_error());



    //handle form input:
    //login:
    if (isset($_POST['myusername'])) { //the username was submitted from the form
         
    $_SESSION['myusername'] = $_POST['myusername']; //store it
    }


    //now everything is streamlined and ready to go below:

    ?>
    <html>
    <head>
    <link href="stylesheets/main.css" rel="stylesheet" type="text/css" />
    <script type="text/javascript" src="scripts/charLeft.js"></script>
    <!-- #EndEditable -->

    <!--$begin pageHtmlBefore$-->
    <link rel="shortcut icon" href="images/favicon.ico"/><!--$end pageHtmlBefore$-->
    </head>
    <!-- #BeginEditable "body" -->
    <body id="starter">
    <!-- DO NOT MOVE! The following AllWebMenus linking code section must always be placed right AFTER the BODY tag-->
    <!-- ******** BEGIN ALLWEBMENUS CODE FOR menu ******** -->
    <script type="text/javascript">var MenuLinkedBy="AllWebMenus [4]",awmMenuName="menu",awmBN="828";awmAltUrl="";</script><script charset="UTF-8" src="scripts/menu.js" type="text/javascript"></script><script type="text/javascript">awmBuildMenu();</script>
    <!-- ******** END ALLWEBMENUS CODE FOR menu ******** -->

    <!-- #EndEditable -->

    <div id="main-wrap"><div id="awmAnchor-menu"></div><div id="header">
        <img alt="" height="229" src="images/layout/ame-layout-header-starter.jpg" width="990" />
        </div>
    <div id="clear2">
        </div>

    <div id="right-column">
        <div id="right-header"><div class="right-content-head">
        <div id="login">
        <?php 
    if (isset($_SESSION['myusername'])){ 
     
    ?>
     Welcome, <?php echo $_SESSION['myusername']; ?>&nbsp;<a href='http://remotelystartedmn.com/logout.php'>Logout</a><br>
     <?php
     
    }
    else
    {
    ?>
        <h1 class='center'>
        Please Login
        </h1>
        <form name="form1" method="post" action="http://remotelystartedmn.com/checklogin.php">
        <table>
        <tr><td> 
        Username:
        </td><td> 
        <input name="myusername" type="text" id="myusername"/>
        </td></tr>
        <tr><td> 
        Password:
        </td><td> 
        <input name="mypassword" type="password" id="mypassword"/>
        </td></tr>
        <tr><td> 
        </td><td> 
        <input name="Submit1" type="image" src="http://remotelystartedmn.com/images/submit-btn.png" value="submit"/>
        </td></tr>
    </table>";
    </form>";
    Not a member yet! <a href='http://remotelystartedmn.com/register.php'>Register</a>";
    <?php
    }
    ?>
    </div><!-- #BeginEditable "right-column-head" -->
        <h1>In most case<a name="iDatalink"></a>s extra parts are needed.</h1>
                <p>With the advances in today's vehicles many times additional parts 
                are needed to install a remote starter or alarm.&nbsp; This may 
                sound like a problem but with the modules I use it has never been 
                easier and safer for your vehicle.&nbsp; I use the iDatalink brand 
                bypass modules to insure a clean, safe install.</p>
                <p class="center">
                <img alt="iDatalink Multi Series Module" height="134" src="images/idata-module.png" width="180" id="img2" /></p>
                <h1>Benefits of iDatalink Modules:<br/></h1><ul id="idata"><li>Vehicle specific firmware</li>
                    <li>Updateable Online</li>
                    <li>No giving up a key for the installation</li>
                    <li>Safe DATA communication to vehicle</li>
                    <li>Less wire tapping into vehicle</li>
                    <li>Faster / Cleaner installations</li></ul>
                    <h1>To get a FREE quote 
                    <a href="index.html#Quote">click&gt;&gt;</a> to go back to our info form.</h1>
        <!-- #EndEditable --></div></div>
            <div class="right-content"><!-- #BeginEditable "right-column-content" -->
                    <!-- #EndEditable --><br /><h1>Connect with me!</h1>
                <p>
                <a href="http://www.facebook.com/?ref=home#!/pages/Remotely-Started-MN/125935220750872?ref=ts" target="_blank">
                <img alt="" height="28" src="images/facebook-icon.png" width="25" /></a>&nbsp;&nbsp;&nbsp;
                <a href="http://maps.google.com/maps/place?hl=en&amp;georestrict=input_srcid%3Ab23969e1ae99ea26" target="_blank">
                <img alt="" height="23" src="images/google-icon.png" width="24" /></a>&nbsp;&nbsp;&nbsp;
                <a href="http://www.linkedin.com/companies/961137" target="_blank">
                <img alt="" height="25" src="images/linkedin-icon.png" width="25" /></a>&nbsp;&nbsp;&nbsp;
                <a href="http://local.yahoo.com/info-64520724-remotely-started-mn-burnsville;_ylt=Apo8dQFF3MX5xprXVa04p.qHNcIF;_ylv=3?csz=Burnsville%2C+MN+55337" target="_blank">
                <img alt="" height="23" src="images/yahoo-icon.png" width="40" /></a>&nbsp;&nbsp;&nbsp;
                <a href="http://www.yelp.com/biz/remotely-started-mn-burnsville" target="_blank">
                <img alt="" height="24" src="images/yelp-icon.png" width="19" /></a></p>
        </div>
        </div>

    <div id="left-column"><!-- #BeginEditable "left column" -->
    <?php
    // Get all the data from the "example" table
    $result mysql_query("SELECT * FROM reviews ORDER BY date DESC"
    or die(
    mysql_error());   
    // keeps getting the next row until there are no more to get
        // Print out the contents of each row into a table 
        
    ?>
        <div>
        <?php
        
    while($row mysql_fetch_array$result )) {
        
    ?>
        <h1 class='neg-marg3'>
        <?php echo $row['name'?>&nbsp;<?php echo $row['lname']; ?>&nbsp;&nbsp;&nbsp;<span class='norm-text'>Star Rating:&nbsp;</span><?php echo $row['starrate']; ?>
        </h1><span class='norm-text'>
        <?php echo $row['date']; ?>
        </span><p class='norm-text neg-marg4'>
        &quot;<?php echo $row['comments']; ?>&quot;
        </p>
        <?php
        
    }
        echo 
    "</div>";
    ?>
    <div id="leave-comment">
    <?php
    if (isset($_SESSION['myusername'])){
    ?>
    <form name="reviews" action="database.php" method="post">
            <table cellpadding="0" cellspacing="6" style="width: 100%; background-color:#1d1d1d">
            <tr><th colspan="2">Leave Me A Review</th></tr>
            <tr><td style="width: 50%">First Name: *</td>
            <td>Last Name: *</td></tr>
            <tr><td>
            <input name="name" type="text" value="$name" style="width: 200px" /></td>
            <td><input name="lname" type="text" value="$lname" style="width: 200px" /></td></tr>
            <tr><td colspan="2">
            Review: (700 characters max)*</td>
            </tr><tr>
            <td colspan="2"><textarea name="comments" onblur="InputLengthCheck();"onkeyup="InputLengthCheck();" style="width: 531px; height: 100px" rows="1"></textarea>
            </td></tr>
            <tr><td colspan="2">
            <input readonly="readonly" type="text" name="CharsTyped" size="8"/> characters typed</td>
            </tr><tr>
            <td colspan="2">Star Rating:*&nbsp;<select name="starrate">
            <option></option>
            <option value="1">1</option>
            <option value="2">2</option>
            <option value="3">3</option>
            <option value="4">4</option>
            <option value="5">5</option>
            </select></td>
            </tr><tr>
            <td colspan="2">
            <?php echo recaptcha_get_html($publickey); ?>
            </td></tr>
            <tr><td colspan="2">
            &nbsp;<input name="Submit1" type="image" src="images/submit-btn.png" value="submit"/>
            &nbsp;<input name="Reset1" type="image" src="images/reset-btn.png" value="reset" />
            &nbsp; * All Fields Required</td>
            </tr>
            </table>
            </form>
    <?php
    }
    else
    {
    ?>
        <h1 class="center">
        Please login to leave me a positive review.<br>If you are not a member yet <a href="register.php">Register</a>;
        </h1>
    <?php
    }
    ?>
    </div>
        <!-- #EndEditable --> 
        &nbsp;</div><div id="clear"></div>
        <div id="footer-img">
        
        <img alt="" height="69" src="images/layout/ame-layout-footer-main2.jpg" width="990" /><div id="footer-content">
            <ul id="footer-menu">
            <li><a href="index.php">Home</a></li>
                <li><a href="store/index.php">Online Store</a></li>
                <li><a href="contact.php">Contact</a></li>
                <li>(612) 840-1039 </li>
        </ul>
        </div>
    </div>
         
        </div>
    <!-- Start of StatCounter Code -->
    <script type="text/javascript">
    var sc_project=5719037; 
    var sc_invisible=1; 
    var sc_partition=60; 
    var sc_click_stat=1; 
    var sc_security="929a447a"; 
    </script>

    <script type="text/javascript"
    src="http://www.statcounter.com/counter/counter_xhtml.js"></script><noscript><div
    class="statcounter"><a title="myspace profile views counter"
    class="statcounter"
    href="http://www.statcounter.com/myspace/"><img
    class="statcounter"
    src="http://c.statcounter.com/5719037/0/929a447a/1/"
    alt="myspace profile views counter" /></a></div></noscript>
    <!-- End of StatCounter Code -->
    </body>

    <!-- #EndTemplate -->

    </html>
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  5. #5
    Join Date
    Apr 2008
    Posts
    21
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default

    Cool, thanks for the response. I actually learned a lot there about how to mix php and html, that will make things easier to build! I guess I'm still not sure how to proceed in my original issue. I will provide my check login page to see if that is where the issue lies. Unless I'm not understanding, from what I know the only variable the SESSION has is the username and password cause they are POSTED in the login form.

    I have uploaded the code you provided me and is live at http://remotelystartedmn.com/reviews.php

    Use this temporary login info to see what the page does - username=username and password=password.
    The other info stored in the database for that username is name=James, lname=Erdmann. I want those two items listed already in the review form once they login. As you will see when you initially login all it says is $name and $lname.

    Hopefully that makes it more clear as to what I am trying to achieve.Below is my checklogin.php page. This is the page that verifies the username and password for login and sets up the session. I am sure there are things wrong with this and I think this is really where the issues lies. Thanks again, JD
    PHP Code:
    <?php
    $host
    ="rsmnproducts.db.******"// Host name 
    $username="****"// Mysql username 
    $password="****"// Mysql password 
    $db_name="rsmnproducts"// Database name 
    $tbl_name="rslog"// Table name 

    // Connect to server and select databse.
    mysql_connect("$host""$username""$password")or die("cannot connect"); 
    mysql_select_db("$db_name")or die("cannot select DB");

    // Define $myusername and $mypassword 
    $myusername=$_POST['myusername']; 
    $mypassword=$_POST['mypassword'];
    $mypassword md5($mypassword); 
    $name $_POST['name'];
    $lname $_POST['lname'];

    // To protect MySQL injection (more detail about MySQL injection)
    $myusername stripslashes($myusername);
    $mypassword stripslashes($mypassword);
    $myusername mysql_real_escape_string($myusername);
    $mypassword mysql_real_escape_string($mypassword);

    $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
    $result=mysql_query($sql);

    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);
    // If result matched $myusername and $mypassword, table row must be 1 row

    if($count==1){
    // Register $myusername, $mypassword and redirect to file "login_success.php"
    session_register("myusername");
    session_register("mypassword");
    session_register("name");
    session_register("lname");
    $_SESSION['myusername'] = $myusername;
    $_SESSION['name'] = $name;
    $_SESSION['lname'] = $lname;
    $ref $_SERVER['HTTP_REFERER'];
    header'refresh: 0; url='.$ref);
    }
    else {
    echo 
    "Wrong Username or Password";
    }

    ?>

  6. #6
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts

    Default

    // Define $myusername and $mypassword
    $myusername=$_POST['myusername'];
    $mypassword=$_POST['mypassword'];
    $mypassword = md5($mypassword);
    $name = $_POST['name'];
    $lname = $_POST['lname'];
    This part doesn't make sense. You are doing this EVERY time the page loads. You should only do this if (isset($_POST['myusername'])) (and the other variables, maybe, but if that is sent, then the rest should be also).

    I believe you said this worked once then didn't keep you logged in: that's why-- every time you load the page it's looking for the form to be sent and if not, it won't validate.


    The method using $count is creative, but it's an odd way to do it: assuming that if you get a result the information the user sent is correct. I actually can't think of any reason this would be wrong, but the usual way to do it is to do: SELECT * FROM .... WHERE password, etc. (and * means 'everything'), then use the info from that: mysql_fetch_array($result), $result['username'], etc.
    Actually, using $count might be fine (even easier), but it just seems unusual and it's hard to predict if that's entirely secure.
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  7. #7
    Join Date
    Apr 2008
    Posts
    21
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default

    IIIIIIIIIIIIII GOOOOOOOOOOOOOTT IIIIIIIIIIIIIIITTTT, thanks for all the help and after a ton more messing around I finally figured it out. If any one else ever needs help in this feel free to contact me and I'll let you know what I did.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •