#16
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    165
    Rep Power
    18
    the link you just posted confirms what he just said :/
  2. #17
  3. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    The link lists the new features of PDO and MySQLi. So saying that there a no fundamental changes to justify deprecating the old extension isn't quite right.

    The old extension is basically limited to sending raw queries to the database server. The new extensions have prepared statements, transactions, stored procedures etc.
  4. #18
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    165
    Rep Power
    18
    Well in a way he is correct. No features where just added that did make it so. It was a matter that for many versions now the MySql extension has no longer been updated to include new features offered by MySql server and the newer extensions slowly gained more support due to this. From my understanding at least
  6. #19
  7. Did you steal it?
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    13,961
    Rep Power
    9397
    Originally Posted by Jacques1
    Are you kidding?
    http://php.net/manual/en/mysqlinfo.api.choosing.php
    (kind of funny to link a PHP moderator to the PHP reference)
    Oh, so PDO is new since 5.5? mysqli is new since 5.5? There are game-changing features in either one that are new since 5.5?

    Try reading what I wrote.
  8. #20
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2013
    Posts
    1
    Rep Power
    0
    can any one tell me how to maintain the session .
    skywebarts
  10. #21
  11. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    22
    Rep Power
    0

    Login.php code


    Ok, this is my code for login.php. When I try this code, it says I have an unexpected variable on line 4. I know what it means that it's not recognizing a certain variable in my table. But, my column on my table is called "username" and it has variables in the column. (also, membersite_config.php is my configuration for connecting to the database). Something is obviously wrong with line 4, but I can't see it. Oh, and "first" is the name of my table within the database.

    <?PHP
    INCLUDE("./include/membersite_config.php");
    session_start();
    $result=mysql_query('SELECT * FROM first WHERE username='$_POST ["username"]');
    WHILE($row=mysql_fetch_array($result)){
    if($row[password]==$_POST['password']){
    $_SESSION['username']=$_POST['username'];
    HEADER('location: loginhome.php');
    }else{
    HEADER('location: loginfailed.php');
    }
    }
    ?>
  12. #22
  13. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    165
    Rep Power
    18
    look at you quotations. I meant that code snippet to be used more in lines as pseudo code and i guess this prooves what everyone says about copy and paste(jacques)

    I messed up the quotations when i typed it so here:
    PHP Code:

    $result
    =mysql_query("SELECT * FROM first WHERE username='$_POST[username]'"); 
    Now please take into consideration as jacques and others have been saying that the mysql extension is being phased out and you should consider switching to mysqli or pdo.

    And remember that anytime you have input from a user it should NEVER be dirrectly used in an sql query, system command, or SSI. you need to validate the entry and make sure they are not trying to escape your query and execute their own at the same time.

    As far as maintaining a session once it is open it will remain open for however long specified in your php.ini file which is default to the browsing session. There fore just include session_start(); on all pages that access the session. A session is actually a cookie placed on the clients computer with an ID that correlates to a set of data stored either on your servers filesystem or a database setup to work with the session.
  14. #23
  15. Did you steal it?
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    13,961
    Rep Power
    9397
    PHP Code:
    $result=mysql_query("SELECT * FROM first WHERE username='$_POST[username]'"); 
    That's the main reason right there why we'll try to champion mysqli/PDO over mysql: it's so easy to not know about SQL injection. You can make the same mistakes in all three, but a lot of what I've seen using mysqli and PDO has prepared statements where it's essentially impossible for that to happen.
  16. #24
  17. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    22
    Rep Power
    0
    Ok, put the code in there and now when you login it doesn't take you anywhere, it just resets the fields.

    So currently, as it stands, when you login it takes you to a page and says, "Welcome (Username)". That's great. What happens with this coding is this:
    <?= $fgmembersite->UserFullName();?>
    So what is happening is it's going to the fgmembersite page and reading the function UserFullName. On the fgmembersite page, that looks like this:
    function UserFullName()
    {
    return isset($_SESSION['name_of_user'])?$_SESSION['name_of_user']:'';
    }

    Would it not be possible to create another function (called Redirect) that reads the "redirect" line in the table from the specific user? Does that make sense? Also, I noticed while going through the fgmembersite code that there is a header already in place, but it's in a function...
    function RedirectToURL($url)
    {
    header("Location: $url");
    exit;
    }
    So if I were to change this to look up the redirect url from the table, then on my login page if I changed the code to this:
    if($fgmembersite->Login())
    {
    $fgmembersite->RedirectToURL($url);
    }

    It would just look up the functions RedirectToURL information. Am I on the right page? And if so, how would I change the header to search for the redirecturl in the table? (I HOPE THIS MAKES SENSE!, and I am really thankful you guys are helping me out with this!)
  18. #25
  19. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    165
    Rep Power
    18
    Where you redirecting to the right page with your header? this should redirect to your members page. Also PLEASE put your php code inside of tags on here.
  20. #26
  21. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    22
    Rep Power
    0

    Maybe...


    Maybe I'm just looking at this the wrong way. Obviously I can send the user to a webpage if they login correctly (the members page), but how do I recall only the data that coincides with the user that has logged in? Obviously my login-home.php page can recall the username of the person based on who has logged in...so how do I recall more data based on that username?
  22. #27
  23. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    165
    Rep Power
    18
    Thats why you set a session. store the users information into $_SESSION['UserName'] then all php pages after this point can load the username from this variable
  24. #28
  25. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    22
    Rep Power
    0
    This makes sense. So once you log in, it automatically creates a session. and then I can access that session by doing $_SESSION['UserName']. That makes sense. And apparently my code is already doing this. So as long as I am logged in to that user, I can put $_SESSION['UserName'] on any page and it will automatically recall that username that is logged in, right?

    So how do I take this a step farther and recall (just for example) the address column on my table for that specific user? So that it only display that persons address, and not the entire column?

    Originally Posted by portcitysoftwar
    Thats why you set a session. store the users information into $_SESSION['UserName'] then all php pages after this point can load the username from this variable
  26. #29
  27. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    165
    Rep Power
    18
    Well just think of what your asking. We have given you all the information needed to complete this code and helping you any further right here would be me writing your code for you. Which i enjoy helping people however if i write your code then you will not learn php. So with that said i trust you already know how to query a MySQL database(Learn how to do this with PDO or MySQLI)

    So now with that just treat your $_SESSION['UserName'] as any other variable. Now you can use this in your WHERE clause of your MySQL query. Remember you can also store additional information in your session such as $_SESSION['MemberType'] etc...

    Let me know if I can help any further. And remember that you must open your session on ever page. Just put SESSION_START(); on the top of your page or in a common include page
  28. #30
  29. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    22
    Rep Power
    0

    Yay!


    Ok. I'm pretty happy. I've finally gotten everything to work pretty nice. I'm able to recall data from a table in my database how I want and everything. I only have one more minor problem that I would like some advice on. Currently, when a user logs in, it asks for their username and password (which is md5 protected). Regardless, the variable saved by the $_SESSION is not the username, for some reason it is saved as the name of the user (because when you register on the site it asks you for the Full Name, Email, Username, and Password). So the full name is what is being stored as the variable (currently). However, I would really like to have the username stored instead as the variable. I get that you can do that $_SESSION['username']. But my question is, where?

    Do i try and store this in my login.php file, my login-home.php file, or I have another file that pretty much controls my entire login deal. Or can I do it anywhere?

    I have tried putting it after the submit button on my login.php and then when I go to recall the variable it doesn't work, which means I'm assuming it did not store the variable. (Every file has session_start(); on it).

IMN logo majestic logo threadwatch logo seochat tools logo