i have a form and checkloginstudents.php,,but my problem,i can't display the details of a user after login,,

this is my form:

<form id="form1" name="form1" method="post" action="check_login_students.php">
      <label>Name  
        <input name="username" type="text" id="textfield" />
      </label>
      <label>Password  
      <input type="password" name="password" id="textfield2" style="margin-top:5px;" />
      </label>
      <label>
       <input type="submit" name="button" id="button" value="Submit" />


      </label>
    </form> 

and this my checkloginstudents.php

    `<?php
    mysql_connect('127.0.0.1','root','rommelbarrio');
    mysql_select_db('system');


    $username= $_POST['username'];
    $password= $_POST['password'];
    $quer_get = mysql_query("select * from account_student where username='$username' and password='$password'");
    if((mysql_num_rows($quer_get))>0)
    {
        while($row_quer_get=mysql_fetch_array($quer_get))
        {
            $db_username = $row_quer_get['username'];
            $db_password = $row_quer_get['password'];
        }
        setcookie("POGI","$db_username");
        header("location:system.php");
    }
    else
    {
        header('location:errorlog.php');
    }


?>

i'm using cookies not session,,my plan is to display the details of a user into textbox,,appreciate your help..:}

Member Avatar
diafol

SO do you get relocated to system.php or errorlog.php? In addition you should clean all input with soemthing like mysql_real_escape_string(). Take off the quotes around $db_username in setcookie too. The setcookie also needs an expiry - for a day: time()+60*60*24

thanks for your response...relocated to system.php,,,,already add thanks,,but my really problem is on how to display the details of the user from database in the textbox after login,..

Member Avatar
diafol

I assumed from your first post that you couldn't retrieve the data from the db.
SO you need to retrieve the data from the cookie?

$_COOKIE['POGI'] will give you the data.
then place it in a textbox:

echo "<input name="name" value="$name" />;

i'm really newbie in php sir ardav, can you give me some sample codes on how to retrieve data from db after user log in??

appreciate your help..

Member Avatar
diafol

To check for a cookie:

    if(isset($_COOKIE['POGI'])){
        $stored_user = $_COOKIE['POGI'];
        mysql_connect('127.0.0.1','root','...');
        mysql_select_db('...');

        $stored_user = mysql_real_escape_string($_POST['username']);
        $quer_get = mysql_query("select * from account_student where username='$stored_user'");
        if(!$quer_get){
            unset($_COOKIE['POGI']); 
            setcookie("POGI",NULL,-1);  
        }else{
            $loggeduser = $stored_user; 
            //you could at this point extract other info about the user if needed
        }
    }

The login code:

   if(isset($_POST['username']) && isset($_POST['password'])){ 
        mysql_connect('127.0.0.1','root','...');
        mysql_select_db('...');

        $username = mysql_real_escape_string($_POST['username']);
        $password = mysql_real_escape_string($_POST['password']);
        $quer_get = mysql_query("select * from account_student where username='$username'");
        //check whether username exists
        if(mysql_num_rows($quer_get)){
            //retrieve data
            $row_quer_get=mysql_fetch_array($quer_get);
            //check that password matches - safer to do this here than in the SQL
            if($row_quer_get['password'] == $password){
                $db_username = $row_quer_get['username'];
                $db_password = $row_quer_get['password']; //do you need this?
                setcookie("POGI",$db_username,time()+60*60*24);
                header("location:system.php");
                exit;
            }
        }
    }
    header('location:errorlog.php');
    exit;

That's off the top of my head - not tested.

sir ardav,,thanks for helping me,but i found the solution,,i change the cookie into session,,then it worked great,,thanks anyway..:}next time again...

Member Avatar
diafol

Duh. I'd have suggested sessions, but you said you didn't want sessions in your first post. :(
Oh well, glad your got it solved.