Solved

simple question about mysql and php

Posted on 2016-08-16
11
51 Views
Last Modified: 2016-08-16
I have done everything he said on Mr. Ray Paseur article , it works perfectly fine. I created another page,

I use $uid = access_control(); it works fine too, I wrote

echo "<br/>HELLO $uid AND WELCOME TO THE ACCESS CONTROLLED PAGE<br>"; it shows the uid of the user.

I created another column on the database that shows the names, it's called "names"

how can print the name of the person instead of his $uid?

https://www.experts-exchange.com/articles/2391/PHP-Client-Registration-Login-Logout-and-Easy-Access-Control.html
0
Comment
Question by:Braveheartli
  • 4
  • 4
  • 3
11 Comments
 
LVL 52

Expert Comment

by:Julian Hansen
ID: 41757893
Can you post your code.
0
 
LVL 1

Author Comment

by:Braveheartli
ID: 41757910
Below I can see the $uid, I print it. no problem, but what I want is to have the user's name printed on the screen not the id.

My table has 5 colomns
Table name: KullaniciBilgileri
Colomn Names: _key , uid, pwd, uuk, isim

I suppose connection is not required since I have config.php in my page...

I need the sql sentence  to see the name of user name

the code is like this:
<?php // controlled.php
require_once('config.php');

// ACCESS TO THIS PAGE IS CONTROLLED
$uid = access_control();

echo "<br/>HELLO $uid AND WELCOME TO THE ACCESS CONTROLLED PAGE<br>";

?>
0
 
LVL 1

Author Comment

by:Braveheartli
ID: 41757919
below code works fine, but I want to bring $uid's name on screen.
since $uid is global, I can use it can't I?

$servername = "xxxxxxxxxxxx";
$username = "xxxxxxxxxxxxxxxx";
$password = "xxxxxxxxxxx";
$dbname = "xxxxxxxxxxx";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

$sql = "SELECT isim FROM KullaniciBilgileri where _key='1'";
$result = $conn->query($sql);

if ($result->num_rows > 0) {
    // output data of each row
    while($row = $result->fetch_assoc()) {
        echo "id: " . $row["uid"]. " - İsim: " . $row["pwd"]. " " . $row["isim"]. "<br>";
    }
} else {
    echo "0 results";
}
$conn->close();
0
 
LVL 2

Expert Comment

by:Martin Andrews
ID: 41757938
Are you sure you need to change it, Braveheartli?  Although the post you are referring to uses the variable $uid, it actually already is a username, not a typical integer id.
0
 
LVL 52

Assisted Solution

by:Julian Hansen
Julian Hansen earned 250 total points
ID: 41757944
access_control only tests whether you are authenticated or not. We need to see the code that acually does the logging in. In this code the uid is being saved to the Session - you need to extend that to save the username to the session as well.

First you need to modify your DB query where you check the user name and password to return the username as well as the uid.

Then you need to save the username to the session something like this
...
        $uuk = $mysqli->real_escape_string($_COOKIE["uuk"]);
        /*
        ** CHANGE THIS 
        */
        $sql = "SELECT uid,names FROM EE_userTable WHERE uuk = '$uuk' LIMIT 1";
        $res = $mysqli->query($sql);

        // IF THE QUERY SUCCEEDED
        if ($res)
        {
            // THERE SHOULD BE ONE ROW
            $num = $res->num_rows;
            if ($num)
            {
                // RETRIEVE THE ROW FROM THE QUERY RESULTS SET
                $row = $res->fetch_assoc();

                // STORE THE USER-ID IN THE SESSION ARRAY
                $_SESSION["uid"] = $row["uid"];
        
                /*
                ** ADD THIS
                */
                $_SESSION["names"] = $row["names"];
                // EXTEND THE "REMEMBER ME" COOKIE
                remember_me($uuk);
            }
        }
...

Open in new window

0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 1

Author Comment

by:Braveheartli
ID: 41757945
yes you are right actually Martin, however I already know the actual name of the username because they are my customer. So I'd like to give it try... thank you
0
 
LVL 52

Expert Comment

by:Julian Hansen
ID: 41757948
Apologies - posted before done.

You can now access names through the session like so
echo "<br/>HELLO {$_SESSION["names"]} AND WELCOME TO THE ACCESS CONTROLLED PAGE<br>"; 

Open in new window

Note the { } when including variables in a quoted string use the { } to enclose the variable.
0
 
LVL 2

Accepted Solution

by:
Martin Andrews earned 250 total points
ID: 41757956
If you wanted to add a user's name in addition to the username, you'd have to update the registration section to something like the following:

<?php // RAY_EE_register.php
require_once('RAY_EE_config.php');

// WE ASSUME NO ERRORS OCCURRED
$err = NULL;

// WAS EVERYTHING WE NEED POSTED TO THIS SCRIPT?
if ( (!empty($_POST["uid"])) && (!empty($_POST["pwd"])) && (!empty($_POST["vwd"])) && (!empty($_POST["uname"])) )
{
    // YES, WE HAVE THE POSTED DATA. ESCAPE IT FOR USE IN A QUERY
    $uid = $mysqli->real_escape_string($_POST["uid"]);
   $uname = $mysqli->real_escape_string($_POST["uname"]);
    $pwd = $mysqli->real_escape_string($_POST["pwd"]);
    $vwd = $mysqli->real_escape_string($_POST["vwd"]);

    // DO THE PASSWORDS MATCH?
    if ($pwd != $vwd) $err .= "<br/>FAIL: CHOOSE AND VERIFY PASSWORDS DO NOT MATCH";

    // DOES THE UID ALREADY EXIST?
    $sql = "SELECT uid FROM EE_userTable WHERE uid = '$uid' LIMIT 1";
    if (!$res = $mysqli->query($sql)) trigger_error( $mysqli->error, E_USER_ERROR );
    $num = $res->num_rows;
    if ($num) $err .= "<br/>FAIL: UID $uid IS ALREADY TAKEN.  CHOOSE ANOTHER";

    // IF THERE WERE NO ERRORS THAT PREVENT REGISTRATION
    if (!$err)
    {
        // MAKE THE UNIQUE USER KEY
        $uuk = md5($uid . $pwd . rand());
        $sql = "INSERT INTO EE_userTable (uid, pwd, uuk, names) VALUES ('$uid', '$pwd', '$uuk', '$uname')";
        if (!$res = $mysqli->query($sql)) trigger_error( $mysqli->error, E_USER_ERROR );

        // STORE THE USER-ID IN THE SESSION ARRAY
        $_SESSION["uid"] = $uid;
       $_SESSION["uname"] = $uname;

        // IS THE "REMEMBER ME" CHECKBOX SET?
        if (isset($_POST["rme"]))
        {
            remember_me($uuk);
        }

        // REGISTRATION AND LOGIN COMPLETE
        echo "<br/>WELCOME $uname. REGISTRATION COMPLETE.  YOU ARE LOGGED IN.";
        echo "<br/>CLICK <a href=\"/\">HERE</a> TO GO TO THE HOME PAGE";
        die();
    }

    // IF THERE WERE ERRORS
    else
    {
        echo $err;
        echo "<br/>SORRY, REGISTRATION FAILED";
    }
} // END OF FORM PROCESSING - PUT UP THE FORM
?>
<form method="post">
PLEASE REGISTER
<br/>CHOOSE USERNAME: <input name="uid" />
<br/>ENTER YOUR NAME: <input name="uname" />
<br/>CHOOSE PASSWORD: <input name="pwd" type="password" />
<br/>VERIFY PASSWORD: <input name="vwd" type="password" />
<br/><input type="checkbox" name="rme" />KEEP ME LOGGED IN (DO NOT CHECK THIS ON A PUBLIC COMPUTER)
<br/><input type="submit" value="REGISTER" />
</form>
0
 
LVL 2

Expert Comment

by:Martin Andrews
ID: 41757965
You could then refer to $_SESSION["uname"] from other pages
0
 
LVL 1

Author Closing Comment

by:Braveheartli
ID: 41757989
thank you
0
 
LVL 2

Expert Comment

by:Martin Andrews
ID: 41757996
Glad it helped!
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now