Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

How to create a user session that calls on userid?

Options
  • 19-10-2012 11:50pm
    #1
    Stercus Accidit
    Registered Users Posts: 8,758 ✭✭✭


    Hi,

    I am very new to creating websites so sorry if this is a very simple question.

    So far a user can log in and be assigned a user level that determines what pages they can see, this is called userrole in my table.

    I want to be able to call on the userid and use this to automaically be assigned when the user submits another form, which would be an advert.

    I am kind of trying to wrap my head around this, has what I described made sense? I am using dreamweaver and the various wizards to create my pages.

    Thanks.


    Using the user log-in form creates
    $_SESSION = $loginUsername;
    for the session.

    Can I do a similar thing for userid (which is the primary key for the table) and then echo that in pages that the user would use to submit content to the database?


Comments

  • Options
    #2
    Stercus Accidit
    Registered Users Posts: 8,758 ✭✭✭Stercus Accidit


    Where the php code was creating a 'userrole' I copied and pasted that and did it for userid, I am now able to php echo out the current users id. Dreamweaver is having a hissy over it but it seems to work as server side php. Would someone be willing to scan over the code visually and tell me where I went wrong? It works but I imagine is sloppy.


  • Options
    #3
    TheRealPONeil
    Registered Users Posts: 132 ✭✭TheRealPONeil


    https://github.com/noverkill/classified-ads-script


  • Options
    #4
    Stercus Accidit
    Registered Users Posts: 8,758 ✭✭✭Stercus Accidit


    TheRealPONeil wrote: »
    https://github.com/noverkill/classified-ads-script

    Thanks, but as I am doing an assignment for a class I'd like to understand what I have done myself, I will download your link and have a look through the code, hopefully that will help me learn.


  • Options
    #5
    Stercus Accidit
    Registered Users Posts: 8,758 ✭✭✭Stercus Accidit


    This is the code dreamweaver creates to make a user session with the fields username and userrole, my additions for userid are in bold text.

    I am getting warning messages in dreamweaver for this code saying I have two instances of the sign-in code. Can anyone have a scan over this, in particular my additions and see where I went wrong?
    <?php require_once('C:/wamp/www/Connections/wampDB.php'); ?>
    <?php
    if (!function_exists("GetSQLValueString")) {
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    {
    if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
    }

    $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

    switch ($theType) {
    case "text":
    $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
    break;
    case "long":
    case "int":
    $theValue = ($theValue != "") ? intval($theValue) : "NULL";
    break;
    case "double":
    $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
    break;
    case "date":
    $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
    break;
    case "defined":
    $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
    break;
    }
    return $theValue;
    }
    }
    ?>
    <?php
    // *** Validate request to login to this site.
    if (!isset($_SESSION)) {
    session_start();
    }

    $loginFormAction = $_SERVER;
    if (isset($_GET)) {
    $_SESSION = $_GET;
    }

    if (isset($_POST)) {
    $loginUsername=$_POST;
    $password=$_POST;
    $MM_fldUserAuthorization = "userrole";
    $MM_redirectLoginSuccess = "/login-success.php";
    $MM_redirectLoginFailed = "/login-failed.php";
    $MM_redirecttoReferrer = false;
    mysql_select_db($database_wampDB, $wampDB);

    $LoginRS__query=sprintf("SELECT useremail, userpass, userid, userrole FROM users WHERE useremail=%s AND userpass=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));

    $LoginRS = mysql_query($LoginRS__query, $wampDB) or die(mysql_error());
    $loginFoundUser = mysql_num_rows($LoginRS);
    if ($loginFoundUser) {

    $loginStrGroup = mysql_result($LoginRS,0,'userrole');
    $loginIdGroup = mysql_result($LoginRS,0,'userid');

    if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them + one of my own done through code
    $_SESSION = $loginUsername;
    $_SESSION = $loginStrGroup;
    $_SESSION = $loginIdGroup;

    if (isset($_SESSION) && false) {
    $MM_redirectLoginSuccess = $_SESSION;
    }
    header("Location: " . $MM_redirectLoginSuccess );
    }
    else {
    header("Location: ". $MM_redirectLoginFailed );
    }
    }
    ?>

    <div id="login">
    <form id="login" name="login" method="POST" action="<?php echo $loginFormAction; ?>">
    <label for="useremail">e-mail</label>
    <input size="15" type="text" name="useremail" id="useremail" />
    <label for="userpass">password</label>
    <input size="15" type="text" name="userpass" id="userpass" />
    <input type="submit" name="submit" id="submit" value="OK" />
    </form>
    </div>
    </body>
    </html>


Advertisement