954,561 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Have something to say? Contribute New Article Reply to this Article
3 Years Ago
0

Echo MySQL Row Data

Hi All:

I have an extensive website in which I would like to echo the name of the company various pages after the user logs in. I think I should be using the $_SESSION global, but I'm having difficulty implementing it, placing it in my code, and knowing what php code to place in the pages where I want the company name to appear. From what I understand, I need to fetch the company name and assign it to the session while the user name and password are being authenticated.

For purposes of this question, the MySQL table is laid out as follows:
<ul><li>id</li>
<li>username</li>
<li>password</li>
<li>usergroup (not being used yet)</li>
<li>company</li>
<li>last_login</li>
</ul>

Here's my check-login code: <?php

$host = "---";
$username = "---";
$password = "---";
$db = "---";
$tbl_name = "---";

// Connect to server and select database.
mysql_connect($host, $username, $password) or die("Unable to connect to database.");
mysql_select_db($db) or die("Unable to connect to database.");


// Username and password sent from form.
$myusername = mysql_real_escape_string($_POST['myusername']);
$mypassword = mysql_real_escape_string($_POST['mypassword']);


$sql = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result = mysql_query($sql);

// Mysql_num_row is counting table row
$count = mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1) {

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");

// Update the last_login field of the MySQL database
$lastlogin = mysql_query("UPDATE $tbl_name SET last_login=now() WHERE username='$myusername'");

// Redirect good login attempt
header("location:login_success.php");
}

// Redirect bad login attempt
else {
header("location:login_retry.php");
}
?>

gpdrums
Light Poster
36 posts since Sep 2007
Reputation Points: 10
Solved Threads: 0
 
3 Years Ago
Show Comments
1

If you'd like to do it in a session variable, do this.

<?php

  $host = "---";
  $username = "---";
  $password = "---";
  $db = "---";
  $tbl_name = "---";

// Connect to server and select database.
mysql_connect($host, $username, $password) or die("Unable to connect to database.");
mysql_select_db($db) or die("Unable to connect to database.");

// If no magic quotes, add slashes
if(!get_magic_quotes_gpc()) {
$myusername = addslashes($_POST['myusername']);
$mypassword = addslashes($_POST['mypassword']);
}

// Username and password sent from form.
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);


$sql = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result = mysql_query($sql);
$row = mysql_fetch_assoc($result);

// Mysql_num_row is counting table row
$count = mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
  if($count==1) {

// Register $myusername, $mypassword and redirect to file "login_success.php"
  session_register("myusername");
  session_register("mypassword");
  session_register("mycompany");
  
// Assign the mycompany variable from user table
  $_SESSION['mycompany'] = $row['company'];

// Update the last_login field of the MySQL database
$lastlogin = mysql_query("UPDATE $tbl_name SET last_login=now() WHERE username='$myusername'");

// Redirect good login attempt
  header("location:login_success.php");
  }

// Redirect bad login attempt
  else {
    header("location:login_retry.php");
    }
?>


I'm not completely certain you need to register the username and password with the session, but I may be wrong. It's be a while since I wrote my own session handler.

Oh, and if magic_quotes_gpc is enabled, you should use stripslashes() on the submitted form data and visa versa.

MVied
Junior Poster
112 posts since Aug 2008
Reputation Points: 21
Solved Threads: 11
 
3 Years Ago
0

Also, you shouldn't be using session_register() as this is registering a global variable. You will find that in most hosts, register globals is turned off and in php 6.0 it is completely removed. You shouldn't be using register globals anyway. You only need to use $_SESSION[].

So, unless you really feel like revisiting everything you've done with sessions, I recommend not doing this.

R0bb0b
Posting Shark
998 posts since Jun 2008
Reputation Points: 358
Solved Threads: 89
 
3 Years Ago
0

Also, you shouldn't be using session_register() as this is registering a global variable. You will find that in most hosts, register globals is turned off and in php 6.0 it is completely removed. You shouldn't be using register globals anyway. You only need to use $_SESSION[].

So, unless you really feel like revisiting everything you've done with sessions, I recommend not doing this.

Ah see, news to me R0b. I haven't messed with session in forever. So maybe this is what he should use.

<?php

  $host = "---";
  $username = "---";
  $password = "---";
  $db = "---";
  $tbl_name = "---";

// Connect to server and select database.
mysql_connect($host, $username, $password) or die("Unable to connect to database.");
mysql_select_db($db) or die("Unable to connect to database.");

// If no magic quotes, add slashes
if(!get_magic_quotes_gpc()) {
$myusername = addslashes($_POST['myusername']);
$mypassword = addslashes($_POST['mypassword']);
}

// Username and password sent from form.
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);


$sql = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result = mysql_query($sql);
$row = mysql_fetch_assoc($result);

// Mysql_num_row is counting table row
$count = mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
  if($count==1) {

// Assign session variables from user table
 $_SESSION['mycompany'] = $row['company'];
 $_SESSION['myusername'] = $row['username'];

// Update the last_login field of the MySQL database
$lastlogin = mysql_query("UPDATE $tbl_name SET last_login=now() WHERE username='$myusername'");

// Redirect good login attempt
  header("location:login_success.php");
  }

// Redirect bad login attempt
  else {
    header("location:login_retry.php");
    }
?>
MVied
Junior Poster
112 posts since Aug 2008
Reputation Points: 21
Solved Threads: 11
 
3 Years Ago
0

Not a problem, I've just heard horror stories about php 4.2 when developers had to go back through the scripts that they wrote in the past because register globals was turned off. The less of that we have in the future the better off we'll be.

Yes, that would be the best way to go.

R0bb0b
Posting Shark
998 posts since Jun 2008
Reputation Points: 358
Solved Threads: 89
 
3 Years Ago
0

Thank you for the replies. I will have to continue this Friday or next Monday due to other web obligations.

With regard to the php version, we are self-hosting. I can reconfigure Apache if need be, but what I'm doing works--and if it aint broke, don't fix it! Right?

One more thing: I have to try out the code you both provided to see how it goes, but if I want to echo the company name on any page while the session is active, what do I need to do?

Thank you again for helping me here. I'll return the favor as often as I can.

GP

gpdrums
Light Poster
36 posts since Sep 2007
Reputation Points: 10
Solved Threads: 0
 
3 Years Ago
0

Update: This worked. Thank you for the help. FYI, here's what I did to echo the company name on the appropriate pages:

<?php
if (!session_register(company));
{
echo $_SESSION['company'];
}
?>

gpdrums
Light Poster
36 posts since Sep 2007
Reputation Points: 10
Solved Threads: 0
 
3 Years Ago
0

Update: This worked. Thank you for the help. FYI, here's what I did to echo the company name on the appropriate pages:

<?php if (!session_register(company)); { echo $_SESSION['company']; } ?>

Well if you shouldn't use session_register, maybe you should use this:

if ($_SESSION['company']) {
 echo $_SESSION['company'];
}
MVied
Junior Poster
112 posts since Aug 2008
Reputation Points: 21
Solved Threads: 11
 
3 Years Ago
0

Well if you shouldn't use session_register, maybe you should use this:

if ($_SESSION['company']) {
 echo $_SESSION['company'];
}

I usually go a step further and do this:

if (isset($_SESSION['company']) && trim($_SESSION['company']) != "") {
 echo $_SESSION['company'];
}

which will also ensure that it is not blank

R0bb0b
Posting Shark
998 posts since Jun 2008
Reputation Points: 358
Solved Threads: 89
 
3 Years Ago
0

As I continued to play with the code, I added "Welcome, " to the echo() statement. I noticed that if the person was not logged in, "Welcome," printed without the company name. What type of else statement will keep this from happening?

gpdrums
Light Poster
36 posts since Sep 2007
Reputation Points: 10
Solved Threads: 0
 
3 Years Ago
0
As I continued to play with the code, I added "Welcome, " to the echo() statement. I noticed that if the person was not logged in, "Welcome," printed without the company name. What type of else statement will keep this from happening?

So you have this?

if (isset($_SESSION['company']) && trim($_SESSION['company']) != "") {
 echo "Welcome, ".$_SESSION['company'];
}
MVied
Junior Poster
112 posts since Aug 2008
Reputation Points: 21
Solved Threads: 11
 

This question has already been solved

Post: Markdown Syntax: Formatting Help
You
 
© 2012 DaniWeb® LLC
Home | About Us | Contact Us | Terms of Service | Advertising Opportunities
RSS Feed RSS Feed