Solved

simple question about mysql and php

Posted on 2016-08-16
11
56 Views
Last Modified: 2016-08-16
I have done everything he said on Mr. Ray Paseur article , it works perfectly fine. I created another page,

I use $uid = access_control(); it works fine too, I wrote

echo "<br/>HELLO $uid AND WELCOME TO THE ACCESS CONTROLLED PAGE<br>"; it shows the uid of the user.

I created another column on the database that shows the names, it's called "names"

how can print the name of the person instead of his $uid?

https://www.experts-exchange.com/articles/2391/PHP-Client-Registration-Login-Logout-and-Easy-Access-Control.html
0
Comment
Question by:Braveheartli
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 3
11 Comments
 
LVL 57

Expert Comment

by:Julian Hansen
ID: 41757893
Can you post your code.
0
 
LVL 1

Author Comment

by:Braveheartli
ID: 41757910
Below I can see the $uid, I print it. no problem, but what I want is to have the user's name printed on the screen not the id.

My table has 5 colomns
Table name: KullaniciBilgileri
Colomn Names: _key , uid, pwd, uuk, isim

I suppose connection is not required since I have config.php in my page...

I need the sql sentence  to see the name of user name

the code is like this:
<?php // controlled.php
require_once('config.php');

// ACCESS TO THIS PAGE IS CONTROLLED
$uid = access_control();

echo "<br/>HELLO $uid AND WELCOME TO THE ACCESS CONTROLLED PAGE<br>";

?>
0
 
LVL 1

Author Comment

by:Braveheartli
ID: 41757919
below code works fine, but I want to bring $uid's name on screen.
since $uid is global, I can use it can't I?

$servername = "xxxxxxxxxxxx";
$username = "xxxxxxxxxxxxxxxx";
$password = "xxxxxxxxxxx";
$dbname = "xxxxxxxxxxx";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

$sql = "SELECT isim FROM KullaniciBilgileri where _key='1'";
$result = $conn->query($sql);

if ($result->num_rows > 0) {
    // output data of each row
    while($row = $result->fetch_assoc()) {
        echo "id: " . $row["uid"]. " - İsim: " . $row["pwd"]. " " . $row["isim"]. "<br>";
    }
} else {
    echo "0 results";
}
$conn->close();
0
Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

 
LVL 2

Expert Comment

by:Martin Andrews
ID: 41757938
Are you sure you need to change it, Braveheartli?  Although the post you are referring to uses the variable $uid, it actually already is a username, not a typical integer id.
0
 
LVL 57

Assisted Solution

by:Julian Hansen
Julian Hansen earned 250 total points
ID: 41757944
access_control only tests whether you are authenticated or not. We need to see the code that acually does the logging in. In this code the uid is being saved to the Session - you need to extend that to save the username to the session as well.

First you need to modify your DB query where you check the user name and password to return the username as well as the uid.

Then you need to save the username to the session something like this
...
        $uuk = $mysqli->real_escape_string($_COOKIE["uuk"]);
        /*
        ** CHANGE THIS 
        */
        $sql = "SELECT uid,names FROM EE_userTable WHERE uuk = '$uuk' LIMIT 1";
        $res = $mysqli->query($sql);

        // IF THE QUERY SUCCEEDED
        if ($res)
        {
            // THERE SHOULD BE ONE ROW
            $num = $res->num_rows;
            if ($num)
            {
                // RETRIEVE THE ROW FROM THE QUERY RESULTS SET
                $row = $res->fetch_assoc();

                // STORE THE USER-ID IN THE SESSION ARRAY
                $_SESSION["uid"] = $row["uid"];
        
                /*
                ** ADD THIS
                */
                $_SESSION["names"] = $row["names"];
                // EXTEND THE "REMEMBER ME" COOKIE
                remember_me($uuk);
            }
        }
...

Open in new window

0
 
LVL 1

Author Comment

by:Braveheartli
ID: 41757945
yes you are right actually Martin, however I already know the actual name of the username because they are my customer. So I'd like to give it try... thank you
0
 
LVL 57

Expert Comment

by:Julian Hansen
ID: 41757948
Apologies - posted before done.

You can now access names through the session like so
echo "<br/>HELLO {$_SESSION["names"]} AND WELCOME TO THE ACCESS CONTROLLED PAGE<br>"; 

Open in new window

Note the { } when including variables in a quoted string use the { } to enclose the variable.
0
 
LVL 2

Accepted Solution

by:
Martin Andrews earned 250 total points
ID: 41757956
If you wanted to add a user's name in addition to the username, you'd have to update the registration section to something like the following:

<?php // RAY_EE_register.php
require_once('RAY_EE_config.php');

// WE ASSUME NO ERRORS OCCURRED
$err = NULL;

// WAS EVERYTHING WE NEED POSTED TO THIS SCRIPT?
if ( (!empty($_POST["uid"])) && (!empty($_POST["pwd"])) && (!empty($_POST["vwd"])) && (!empty($_POST["uname"])) )
{
    // YES, WE HAVE THE POSTED DATA. ESCAPE IT FOR USE IN A QUERY
    $uid = $mysqli->real_escape_string($_POST["uid"]);
   $uname = $mysqli->real_escape_string($_POST["uname"]);
    $pwd = $mysqli->real_escape_string($_POST["pwd"]);
    $vwd = $mysqli->real_escape_string($_POST["vwd"]);

    // DO THE PASSWORDS MATCH?
    if ($pwd != $vwd) $err .= "<br/>FAIL: CHOOSE AND VERIFY PASSWORDS DO NOT MATCH";

    // DOES THE UID ALREADY EXIST?
    $sql = "SELECT uid FROM EE_userTable WHERE uid = '$uid' LIMIT 1";
    if (!$res = $mysqli->query($sql)) trigger_error( $mysqli->error, E_USER_ERROR );
    $num = $res->num_rows;
    if ($num) $err .= "<br/>FAIL: UID $uid IS ALREADY TAKEN.  CHOOSE ANOTHER";

    // IF THERE WERE NO ERRORS THAT PREVENT REGISTRATION
    if (!$err)
    {
        // MAKE THE UNIQUE USER KEY
        $uuk = md5($uid . $pwd . rand());
        $sql = "INSERT INTO EE_userTable (uid, pwd, uuk, names) VALUES ('$uid', '$pwd', '$uuk', '$uname')";
        if (!$res = $mysqli->query($sql)) trigger_error( $mysqli->error, E_USER_ERROR );

        // STORE THE USER-ID IN THE SESSION ARRAY
        $_SESSION["uid"] = $uid;
       $_SESSION["uname"] = $uname;

        // IS THE "REMEMBER ME" CHECKBOX SET?
        if (isset($_POST["rme"]))
        {
            remember_me($uuk);
        }

        // REGISTRATION AND LOGIN COMPLETE
        echo "<br/>WELCOME $uname. REGISTRATION COMPLETE.  YOU ARE LOGGED IN.";
        echo "<br/>CLICK <a href=\"/\">HERE</a> TO GO TO THE HOME PAGE";
        die();
    }

    // IF THERE WERE ERRORS
    else
    {
        echo $err;
        echo "<br/>SORRY, REGISTRATION FAILED";
    }
} // END OF FORM PROCESSING - PUT UP THE FORM
?>
<form method="post">
PLEASE REGISTER
<br/>CHOOSE USERNAME: <input name="uid" />
<br/>ENTER YOUR NAME: <input name="uname" />
<br/>CHOOSE PASSWORD: <input name="pwd" type="password" />
<br/>VERIFY PASSWORD: <input name="vwd" type="password" />
<br/><input type="checkbox" name="rme" />KEEP ME LOGGED IN (DO NOT CHECK THIS ON A PUBLIC COMPUTER)
<br/><input type="submit" value="REGISTER" />
</form>
0
 
LVL 2

Expert Comment

by:Martin Andrews
ID: 41757965
You could then refer to $_SESSION["uname"] from other pages
0
 
LVL 1

Author Closing Comment

by:Braveheartli
ID: 41757989
thank you
0
 
LVL 2

Expert Comment

by:Martin Andrews
ID: 41757996
Glad it helped!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
PHP $_POST vs asp request 4 55
Do not understand error message 3 45
Can't Find the Homepage on my site 4 43
Why is my select returning NaN 20 33
Does the idea of dealing with bits scare or confuse you? Does it seem like a waste of time in an age where we all have terabytes of storage? If so, you're missing out on one of the core tools in every professional programmer's toolbox. Learn how to …
Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question