Page 3 of 3
Posted: Mon Apr 19, 2004 11:46 am
by mike08
Thanks it all works now cheers.
just a quick question
i have set a user_id for guestbook and registration and the same for username two different tables though. - so at the moment someone could enter a new username into the guestbook even though that would not be the one they registered with.
is there a way of making sure the username entered in the guestbook is the one that they logged into the site with?
Posted: Mon Apr 19, 2004 11:50 am
by magicrobotmonkey
dont let them fillit in - populate it from what they logged in with
Posted: Mon Apr 19, 2004 11:58 am
by mike08
how would i populate it then?
if i didn't let them fill in the username.
and say just had the comments box. - how would i connect the same user_id's together so that i know what the user_id is for that person?
sorry not very good at explaining what i mean.
Posted: Mon Apr 19, 2004 12:02 pm
by magicrobotmonkey
Do you use sessions? Or how do you log someone in?
Posted: Mon Apr 19, 2004 12:09 pm
by mike08
yes i use session
at the moment when the user logs in they go to the home page and says welcome and ive managed to get their name appear next to the text welcome - would i the same method in the guestbook form?
Posted: Mon Apr 19, 2004 12:15 pm
by magicrobotmonkey
sho' 'nuff!
looks like $_SESSION['username'] ?
Posted: Mon Apr 19, 2004 12:26 pm
by mike08
thanks so i get that bit now where i can recall the username using sessions.
but how do the two user_id's in the two tables link up so that the same user_id matches that they have logged in with. don't know how to link the two.
for example
register table - has user_id, username first_name etc
guestbook will have user_id, comments.
Posted: Mon Apr 19, 2004 12:32 pm
by magicrobotmonkey
when the user logs in, you check against the register table to make sure its a valid user_id, right? Well, then store it in the session like
$_SESSION['user_id'] = $user;
then, when inserting into guest book,
$query = "INSERT INTO guestbook (user_id, comments) VALUES ($_SESSION[user_id], $comments)";
Posted: Mon Apr 19, 2004 2:48 pm
by mike08
Thanks for your help
$_SESSION['user_id'] = $user;
where abouts would i put this statement
ive entered the new query in my guestbook form.
so far code looks like
Code: Select all
<?php # - guestbook2.php
//This is the guestbook page for the site
// include the configuration file for error management and such
require_once ('includes/config.inc');
//Set the page title and include the HTML header.
$page_title = 'Guestbook';
include ('includes/header.html');
if (isset($_POST['submit'])) { // Handle the form.
require_once ('connections/MyConn_shopbots.php'); // Connect to database
if(isset($_POST['comments'])){
$comments = $_POST['comments'];
//check comment has been entered
if (strlen($comments) > 0) {
$comments = stripslashes($comments);
}
else
{
$comments = NULL;
echo '<p><font color="red" size"+1">You forgot to enter your comments!</b</p>';
}
if ($comments) {
$query = "INSERT INTO guestbook (user_id, comments) VALUES ($_SESSION[user_id], $comments)";
$result = mysql_query ($query) or die("Error submitting comment: ".mysql_error());
// if ($result) { // If it ran ok.
echo '<h3>Thank you for leaving a comments!</h3>';
exit();
} else { // If it did not run ok.
echo '<p><font color="red" size="+1">You could not leave a comment due to a system error. We apologise for any inconvenience.</font></p>';
}
mysql_close(); // Close the database connection.
}
}
?>
Code: Select all
<h1>Guestbook</h1>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset>
<p></p><b>Comments:<b> <textarea name="comments" rows="5" cols="30">
<?php if (isset($_POST['comments'])) echo $_POST['comments']; ?></textarea></p>
</fieldset>
<div align="center"><input type="submit" name="submit" value="Submit" /></div>
</form><!-- End of form -->
<?php // inlcude the HTML footer.
include ('includes/footer.html');
?>
Posted: Mon Apr 19, 2004 2:56 pm
by kino
are u inserting the code in sign.php or view.php??? i tot all those little functions are put into header.php????
Posted: Mon Apr 19, 2004 3:19 pm
by mike08
what i have is a
header and footer file keep all the basic links and ccs file that goes on every page of web site
index.php - home page
register.php
login.php goes to home page if successful
guestbook - that's all i have. as info will go into database if correct
i haven't a view guestbook yet. but will hope to make one somehow.
Posted: Mon Apr 19, 2004 4:06 pm
by magicrobotmonkey
Put this:
$_SESSION['user_id'] = $user;
On the page where you verify user information to log in.
I don't see session_start() in your code, however, so I don't know if you really are using sessions...
Posted: Mon Apr 19, 2004 4:12 pm
by mike08
im using this in my login page - it works ok is that right
Code: Select all
// Query the database.
$query = "SELECT user_id, first_name FROM users WHERE username='$u' AND password=PASSWORD('$p')";
$result = @mysql_query ($query);
$row = mysql_fetch_array ($result, MYSQL_NUM);
if ($row) { // A match was made.
// Start the session, register the values & redirect.
$_SESSION['first_name'] = $row[1];
$_SESSION['user_id'] = $row[0];
$_SESSION['var'] = $_POST['var'] ; //returned result of query or the info that the user posted in the form
ob_end_clean(); // Delete the buffer.
shall i put session_start then on my guestbook page also.
Posted: Mon Apr 19, 2004 4:15 pm
by magicrobotmonkey
Yes, session_start() on everypage and your session variables will always be available! Don't forget to do it first thing on the page though