user sessions

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
Obadiah
Forum Regular
Posts: 580
Joined: Mon Jul 31, 2006 9:13 am
Location: Ashland, KY
Contact:

user sessions

Post by Obadiah »

ok....im not quite sure how i got rid of the registration errors but ladies and gents its finally working.....what i want to do now is create user sessions...i know absolutely nothing about this and im not even sure if i need to do thisbut what im trying to do is since the database has already recognized the user how do i get php to direct the user to his/her own personalized page....say to reveiw their own personal info....im guessing what id have to do would be to create some kind of case statement, because as of right now it directs all the users no matter the username to the same page

Code: Select all

session_start();
  include("functions_main.inc");                         
  $table_name = "Customer";                              
  $next_program = "SecretPage.php";//occurance 1

Code: Select all

if($num == 1)                                      
      {
         $sql = "SELECT user_name FROM $table_name 
                 WHERE user_name='$_POST[fusername]'
                 AND password=md5('$_POST[fpassword]')";
         $result2 = mysqli_query($cxn,$sql)
                   or die("Couldn't execute query 2.");  
         $row = mysqli_fetch_assoc($result2);            
         if($row)                                        
         {
           $_SESSION['auth']="yes";                      
           $_SESSION['logname'] = $_POST['fusername'];   
           header("Location: $next_program");//occurance 2            
         }
         else                                            
         {
           $message_1="The Login Name, '$_POST[fusername]' 
                   exists, but you have not entered the 
                   correct password! Please try again.<br>";
           extract($_POST);
           include("fields_login.inc");
           include("double_form.inc");
         }                                               
      }

Code: Select all

else                                              
      {   
        $today = date("Y-m-d");                         
        $fields_str = implode(",",$fields);
        $values_str = implode('","',$values);
        $fields_str .=",create_date";
        $values_str .='"'.",".'"'.$today;
        $fields_str .=",password";
        $values_str .= '"'.","."md5"."('".$password."')";
        $sql = "INSERT INTO $table_name ";
        $sql .= "(".$fields_str.")";
        $sql .= " VALUES ";
        $sql .= "(".'"'.$values_str.")";
        mysqli_query($cxn,$sql) or die(mysqli_error($cxn));
        $_SESSION['auth']="yes";                        
        $_SESSION['logname'] = $user_name;              
        /* send email to new Customer */
        $emess = "You have successfully registered. ";
        $emess .= "Your new user name and password are: ";
        $emess .= "\n\n\t$user_name\n\t";
        $emess .= "password\n\n";
        $emess .= "We appreciate your interest. \n\n";
        $emess .= "If you have any questions or problems,";
        $emess .= " email service@ourstore.com";        
        $subj = "Your new customer registration";       
        #$mailsend=mail("$email","$subj","$emess");     
        header("Location: $next_program");//occurance 3
      }
there are three occurances inwhich the code that im using points to $next_program in the tutorial...where should i place the case statement(assuming that i should or supposed to use a case statement) or am i miles away from home again?

also this line from the tutorial is commented out(i didnt notice it was until after i posted)

Code: Select all

$mailsend=mail("$email","$subj","$emess");
and when i ran it without the comment i got 2 errors that said

Warning: mail() [function.mail]: "sendmail_from" not set in php.ini or custom "From:" header missing in C:\bla\bla\bla\PHP\Login.php on line 204

Warning: Cannot modify header information - headers already sent by (output started at C:\bla\bla\bla\PHP\Login.php:204) in C:\bla\bla\bla\PHP\Login.php on line 205


and here is the funny thing about it all....the username saves in the database....so the information is saving and everything works perfectly...the only problem is when i try to shoot the email to the customer i get that error....does anyone know why?
Last edited by Obadiah on Fri Aug 18, 2006 9:22 am, edited 3 times in total.
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

They should be all directed to the same page. However, this page should have a variable sent via $_GET

user1 -> page.php?user=user1
user2 -> page.php?user=user2
user3 -> page.php?user=user3

And so on.

Then you would pull information based on $_GET['user'].
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
User avatar
Obadiah
Forum Regular
Posts: 580
Joined: Mon Jul 31, 2006 9:13 am
Location: Ashland, KY
Contact:

Post by Obadiah »

scottayy wrote:They should be all directed to the same page. However, this page should have a variable sent via $_GET

user1 -> page.php?user=user1
user2 -> page.php?user=user2
user3 -> page.php?user=user3

And so on.

Then you would pull information based on $_GET['user'].
what do you mean.....should this be done on the page that is posted here or on secret page?....im sorry but im not understanding what you mean.
User avatar
Obadiah
Forum Regular
Posts: 580
Joined: Mon Jul 31, 2006 9:13 am
Location: Ashland, KY
Contact:

Post by Obadiah »

new day plenty of hours later can anyone help me with this problem....perhaps shed some light on what scottay said....i think what hes meaning is to possibly create a php page and somewhere in the beginning put $_GET USER kinda like

Code: Select all

<?php
$_GET user_name;//this is the primary key field
echo "
<html>
<head>
<title></title>
<body>
<!--will contain specific users' content-->
</body>
</head>
</html>
";
?>
but where do i place

user1 -> page.php?user=user1
user2 -> page.php?user=user2
user3 -> page.php?user=user3

also if i have one site and i want the user to go to his own personalized version of it that has his information stored in it....where do i place his files....wouldent i have to direct php to the different files and such for user1 and so on....these are some of the things that im not understanding
User avatar
Obadiah
Forum Regular
Posts: 580
Joined: Mon Jul 31, 2006 9:13 am
Location: Ashland, KY
Contact:

Post by Obadiah »

:? can anyone help me figure this out....maybe a nice admin who could spare to shed some light on this newbies dark mind thats not understanding what scottayy said....anyone :cry:
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

A user logs in correct... Say you want to show them THEIR info & nobody elses. Here's the idea behind it

Login Form -> User Logs in -> Login is proceessed and validated -> user is redirected to a page containing their information.

A simple psuedo redirection would look like this

Code: Select all

$username = $_POST['username'];

//validation exists

header('Location: info.php?user='.$username);
Say they entered 'bob' as their username. They would be redirected to info.php?user=bob. Now, that's what makes it show THEIR info and nobody elses. You could get their username by using the get variable.

Code: Select all

$user = $_GET['user']
Now you display only information pertaining to that user? How? That's up to you. Usually it's done using a database query or two.

Code: Select all

SELECT * FROM `user_data` WHERE `username` = '$user'
Now, that query will only grab information for the user that you see in your URL query string. To simplify once again..

Bob logs in
Bob is redirected to info.php?user=bob
info.php queries for info for bob

Hope this makes sense. And it's what you're asking? :)
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

Wow, I think I totally missed the point of your question. Are you just trying to get emails to work?

:oops:
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
User avatar
Obadiah
Forum Regular
Posts: 580
Joined: Mon Jul 31, 2006 9:13 am
Location: Ashland, KY
Contact:

Post by Obadiah »

ok....what your saying to do is something like this

Code: Select all

else                                              
      {   
        $today = date("Y-m-d");                         
        $fields_str = implode(",",$fields);
        $values_str = implode('","',$values);
        $fields_str .=",create_date";
        $values_str .='"'.",".'"'.$today;
        $fields_str .=",password";
        $values_str .= '"'.","."md5"."('".$password."')";
        $sql = "INSERT INTO $table_name ";
        $sql .= "(".$fields_str.")";
        $sql .= " VALUES ";
        $sql .= "(".'"'.$values_str.")";
        mysqli_query($cxn,$sql) or die(mysqli_error($cxn));                 
        $_SESSION['auth']="yes";                        
        $_SESSION['logname'] = $user_name;              
        /* send email to new Customer */
        $emess = "You have successfully registered. ";
        $emess .= "Your new user name and password are: ";
        $emess .= "\n\n\t$user_name\n\t";
        $emess .= "password\n\n";
        $emess .= "We appreciate your interest. \n\n";
        $emess .= "If you have any questions or problems,";
        $emess .= " email service@ourstore.com";        
        $subj = "Your new customer registration";       
        $mailsend=mail("$email","$subj","$emess");     
        $user_name= $_POST['user_name']
        header("Location: $next_program?user=.$username");  
      //or
      //header('Location: info.php?user='.$username);    
      }
    break;                                              

    default:                                            
           include("fields_login.inc");
           include("double_form.inc");
  }
and on info.php do something like

Code: Select all

<?php 
$user = _GET['user_name']
echo " 
<html> 
<head> 
<title></title> 
<body> 
<!--will contain specific users' content--> 
</body> 
</head> 
</html> 
"; 
?>
is this right?
Post Reply