simple question about mysql and php

I have done everything he said on Mr. Ray Paseur article , it works perfectly fine. I created another page,

I use $uid = access_control(); it works fine too, I wrote

echo "<br/>HELLO $uid AND WELCOME TO THE ACCESS CONTROLLED PAGE<br>"; it shows the uid of the user.

I created another column on the database that shows the names, it's called "names"

how can print the name of the person instead of his $uid?

https://www.experts-exchange.com/articles/2391/PHP-Client-Registration-Login-Logout-and-Easy-Access-Control.html
LVL 1
BRMarketingAsked:
Who is Participating?
 
Martin AndrewsConnect With a Mentor Commented:
If you wanted to add a user's name in addition to the username, you'd have to update the registration section to something like the following:

<?php // RAY_EE_register.php
require_once('RAY_EE_config.php');

// WE ASSUME NO ERRORS OCCURRED
$err = NULL;

// WAS EVERYTHING WE NEED POSTED TO THIS SCRIPT?
if ( (!empty($_POST["uid"])) && (!empty($_POST["pwd"])) && (!empty($_POST["vwd"])) && (!empty($_POST["uname"])) )
{
    // YES, WE HAVE THE POSTED DATA. ESCAPE IT FOR USE IN A QUERY
    $uid = $mysqli->real_escape_string($_POST["uid"]);
   $uname = $mysqli->real_escape_string($_POST["uname"]);
    $pwd = $mysqli->real_escape_string($_POST["pwd"]);
    $vwd = $mysqli->real_escape_string($_POST["vwd"]);

    // DO THE PASSWORDS MATCH?
    if ($pwd != $vwd) $err .= "<br/>FAIL: CHOOSE AND VERIFY PASSWORDS DO NOT MATCH";

    // DOES THE UID ALREADY EXIST?
    $sql = "SELECT uid FROM EE_userTable WHERE uid = '$uid' LIMIT 1";
    if (!$res = $mysqli->query($sql)) trigger_error( $mysqli->error, E_USER_ERROR );
    $num = $res->num_rows;
    if ($num) $err .= "<br/>FAIL: UID $uid IS ALREADY TAKEN.  CHOOSE ANOTHER";

    // IF THERE WERE NO ERRORS THAT PREVENT REGISTRATION
    if (!$err)
    {
        // MAKE THE UNIQUE USER KEY
        $uuk = md5($uid . $pwd . rand());
        $sql = "INSERT INTO EE_userTable (uid, pwd, uuk, names) VALUES ('$uid', '$pwd', '$uuk', '$uname')";
        if (!$res = $mysqli->query($sql)) trigger_error( $mysqli->error, E_USER_ERROR );

        // STORE THE USER-ID IN THE SESSION ARRAY
        $_SESSION["uid"] = $uid;
       $_SESSION["uname"] = $uname;

        // IS THE "REMEMBER ME" CHECKBOX SET?
        if (isset($_POST["rme"]))
        {
            remember_me($uuk);
        }

        // REGISTRATION AND LOGIN COMPLETE
        echo "<br/>WELCOME $uname. REGISTRATION COMPLETE.  YOU ARE LOGGED IN.";
        echo "<br/>CLICK <a href=\"/\">HERE</a> TO GO TO THE HOME PAGE";
        die();
    }

    // IF THERE WERE ERRORS
    else
    {
        echo $err;
        echo "<br/>SORRY, REGISTRATION FAILED";
    }
} // END OF FORM PROCESSING - PUT UP THE FORM
?>
<form method="post">
PLEASE REGISTER
<br/>CHOOSE USERNAME: <input name="uid" />
<br/>ENTER YOUR NAME: <input name="uname" />
<br/>CHOOSE PASSWORD: <input name="pwd" type="password" />
<br/>VERIFY PASSWORD: <input name="vwd" type="password" />
<br/><input type="checkbox" name="rme" />KEEP ME LOGGED IN (DO NOT CHECK THIS ON A PUBLIC COMPUTER)
<br/><input type="submit" value="REGISTER" />
</form>
0
 
Julian HansenCommented:
Can you post your code.
0
 
BRMarketingAuthor Commented:
Below I can see the $uid, I print it. no problem, but what I want is to have the user's name printed on the screen not the id.

My table has 5 colomns
Table name: KullaniciBilgileri
Colomn Names: _key , uid, pwd, uuk, isim

I suppose connection is not required since I have config.php in my page...

I need the sql sentence  to see the name of user name

the code is like this:
<?php // controlled.php
require_once('config.php');

// ACCESS TO THIS PAGE IS CONTROLLED
$uid = access_control();

echo "<br/>HELLO $uid AND WELCOME TO THE ACCESS CONTROLLED PAGE<br>";

?>
0
Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

 
BRMarketingAuthor Commented:
below code works fine, but I want to bring $uid's name on screen.
since $uid is global, I can use it can't I?

$servername = "xxxxxxxxxxxx";
$username = "xxxxxxxxxxxxxxxx";
$password = "xxxxxxxxxxx";
$dbname = "xxxxxxxxxxx";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

$sql = "SELECT isim FROM KullaniciBilgileri where _key='1'";
$result = $conn->query($sql);

if ($result->num_rows > 0) {
    // output data of each row
    while($row = $result->fetch_assoc()) {
        echo "id: " . $row["uid"]. " - İsim: " . $row["pwd"]. " " . $row["isim"]. "<br>";
    }
} else {
    echo "0 results";
}
$conn->close();
0
 
Martin AndrewsCommented:
Are you sure you need to change it, Braveheartli?  Although the post you are referring to uses the variable $uid, it actually already is a username, not a typical integer id.
0
 
Julian HansenConnect With a Mentor Commented:
access_control only tests whether you are authenticated or not. We need to see the code that acually does the logging in. In this code the uid is being saved to the Session - you need to extend that to save the username to the session as well.

First you need to modify your DB query where you check the user name and password to return the username as well as the uid.

Then you need to save the username to the session something like this
...
        $uuk = $mysqli->real_escape_string($_COOKIE["uuk"]);
        /*
        ** CHANGE THIS 
        */
        $sql = "SELECT uid,names FROM EE_userTable WHERE uuk = '$uuk' LIMIT 1";
        $res = $mysqli->query($sql);

        // IF THE QUERY SUCCEEDED
        if ($res)
        {
            // THERE SHOULD BE ONE ROW
            $num = $res->num_rows;
            if ($num)
            {
                // RETRIEVE THE ROW FROM THE QUERY RESULTS SET
                $row = $res->fetch_assoc();

                // STORE THE USER-ID IN THE SESSION ARRAY
                $_SESSION["uid"] = $row["uid"];
        
                /*
                ** ADD THIS
                */
                $_SESSION["names"] = $row["names"];
                // EXTEND THE "REMEMBER ME" COOKIE
                remember_me($uuk);
            }
        }
...

Open in new window

0
 
BRMarketingAuthor Commented:
yes you are right actually Martin, however I already know the actual name of the username because they are my customer. So I'd like to give it try... thank you
0
 
Julian HansenCommented:
Apologies - posted before done.

You can now access names through the session like so
echo "<br/>HELLO {$_SESSION["names"]} AND WELCOME TO THE ACCESS CONTROLLED PAGE<br>"; 

Open in new window

Note the { } when including variables in a quoted string use the { } to enclose the variable.
0
 
Martin AndrewsCommented:
You could then refer to $_SESSION["uname"] from other pages
0
 
BRMarketingAuthor Commented:
thank you
0
 
Martin AndrewsCommented:
Glad it helped!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.