Query MySQL table from login form.

Report · Jul 18, 2011

Probably a simple question, but I can't seem to get it. Here my

my table on MySQL

ID Username UFN ULN Password

1 joSmith John Smith encrypted

2 jaSmith Jane Smith encrypted

3 jDoe John Doe encrypted

When I login using username and password, I want to display the first name and last name for the user and display it on the next page. I can usually echo a _POST, but when it comes to sessions, this doesn't seem to work properly, as the next page doesn't know the variable.

Report · Jul 18, 2011

You dont show us the code but something like

echo $row['ufn'] . $row['uln'];

Should do the trick

Showing the code would get you a more specific answer.

Gary

Report · Jul 19, 2011

Sorry here is the code, its generated from the login user wizard from dreamweaver. It doesn't matter what code is on the second page as the session and post variables are "gone", I can't call on it. This code of course will successfully login to the restricted pages without issues.

<?php require_once('Connections/UserAcc_mySQL.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
}
return $theValue;
}
}
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=md5($_POST['password']);
$UN=$_POST['usern'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "loginredirect.php";
$MM_redirectLoginFailed = "adminlogin.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_UserAcc_mySQL, $UserAcc_mySQL);

$LoginRS__query=sprintf("SELECT `User`, Password, UFN, ULN FROM username WHERE `User`=%s AND Password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));

$LoginRS = mysql_query($LoginRS__query, $UserAcc_mySQL) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
     $loginStrGroup = "";

    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
    }
    header("Location: " . $MM_redirectLoginSuccess );
}
else {
    header("Location: ". $MM_redirectLoginFailed );
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style>
.Login
{
position:absolute;
vertical-align:middle;
margin-left: 40%;
margin-right: 40%;
top: 153px;
}
</style>
</head>

<body>
<div class="Login">
<form ACTION="<?php echo $loginFormAction; ?>" method="POST" name="LogMeIn">
<label>Username:</label> <input type="text" name="username" id="username" /><br />
<label>Password: </label><input type="password" name="password" /><br />
<input type="hidden" name="user" />
<input type="submit" value="Login" />
</form>
</div>

</body>
</html>

Report · Aug 04, 2011

There are a couple ways you can do this.

First is create a query to recognize the information of the person logining in based on the username and pull your information.

Example:

SELECT * FROM your_table WHERE username = '$_SESSION[MM_Username]'.

Second, on your login page, add the UFN and ULN to the query and assign them a session variable. This way it's available to you though your site without having to 'include' the username query on each page.

ADD to login query:

$row_LoginRS = mysql_fetch_assoc($LoginRS);

ADD to other session variables:

$_SESSION['MM_UFN'] = $row_LoginRS['UFN'];

$_SESSION['MM_ULN'] = $row_LoginRS['ULN'];