Usint PHP, I'm trying to add the username, used in a login form, to the MYSQL table of another form.
Scenario: User "x" logs in (providing his username, "x", and a password). The username and password are stored in a MYSQL table called "users". Once "x" is logged in, he is directed to another form, where he provides his real name and other information and submits that form, and that information is stored in MYSQL table "register".
I want to be able to store "x" in a field of "register", without having "x" supplied in the form.
I think I'm close and have written the following code (but it's not working yet):
$tbl_name="users"; // Table name // Define $myusername and $mypassword $myusername=$_POST['username']; $mypassword=$_POST['password']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT username FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); $row=mysql_fetch_row($result); $str=$row; //build and submit query $query = <<<HERE INSERT INTO register VALUES( null, '$first_name', '$last_name', '$address', '$city', '$state', '$zip_code', '$home_phone', '$cell_phone', '2011-01-01', '2011-01-02', '$str', null, null, null, null, 1); HERE;
Can someone please help?