Page 1 of 1

Storing user details on file change?

Posted: Wed Jul 02, 2003 3:34 pm
by Darkside
I'm so :? confused.

I've got a database with 4 fields ID, Name, Email, Team.
And I have a login page and code.

Code: Select all

$sql = "SELECT ID, Name, Email, Team FROM " . $Table . " WHERE Name='" . addslashes($_POSTї'Name']) . "' AND Password='" . md5($_POSTї'Password']) . "' LIMIT 1";
if(!($result = mysql_query($sql))) die(mysql_error());
if(mysql_num_rows($result) == 1) {
$row = mysql_fetch_row($result);
foreach ($row as $key => $value) {
$userї$key] = "$value";
}
echo ("<LINK REL=StyleSheet HREF=style.css TYPE=text/css><body bgcolor=#000000><table width=500 border=0 cellspacing=0 cellpadding=0 height=400>
  <tr bgcolor=1F2B39>
    <td height=7 colspan=2>
      <p align=right>Welcome, $user&#1111;1] (You have $msg new messages)<br> Your $user&#1111;3] Area</p>
    </td>
  </tr>
  <tr>
    <td width=75% valign=top bgcolor=1F2B39>pink
</td>
    <td width=25% valign=top bgcolor=1F2B39>
      <p>News<br>
        Client List</p>
      <p>Send a Message<br>
        Read Messages<br>
        Your Clients area</p>
      <p>Update Your Clients<br>
        Add a Client<br>
        Clients Messages</p>
    </td>
  </tr>
</table>
");
&#125;else&#123;
    echo "Log in didnt work> 
</form>";
&#125;
All the above code works you login in on login.html with your user name and password then it goes 2 login.php will select your info from the database. My question is if I wanted to have links to page to page and A. still be logged in? B. Still have the data stored. But C. Still be save.
I was think of useing this idea on my login.php

if password and user etc = true
set cookie true
else
header back to login.html

Then on a members.php
if cookie isset true
show page

But then i would have lost my selected ID and there fore not being able to print or echo the login users info.

Posted: Thu Jul 03, 2003 4:56 pm
by DuFF
I would suggest using sessions, thats what I am doing right now. Sessions will allow you to add any variable you want to the Sessions array and then later check it because the session information is kept server side. An example would be:

Code: Select all

<?php
session_start();
$_SESSION['Name'] = $_POST['Name']; 
?>
then you could later output the name by saying:

Code: Select all

<?php
$Name = $_SESSION['Name'];
echo "Welcome $Name!"; 
?>
For more info:
http://www.free2code.net/tutorials/prog ... plogin.php
http://us2.php.net/manual/en/ref.session.php