Echo logged in username

Ask about a PHP problem here.
Post Reply
User avatar
Helx
Posts: 350
Joined: Thu May 17, 2012 6:45 am
Location: Auckland, New Zealand

Echo logged in username

Post by Helx »

Ok, here goes :D

I have the following PHP code:
<?php
	include('core/conf.php');
	$user=$_POST['user']; 
	$password=$_POST['password'];
	$user = stripslashes($user);
	$password = stripslashes($password);
	$user = mysql_real_escape_string($user);
	$password = mysql_real_escape_string($password);
	$enc=md5($password);
	$usr=md5($user);
	$sql="SELECT * FROM $tbl_name WHERE username='$usr' and password='$enc'";
	$result=mysql_query($sql);
	$count=mysql_num_rows($result);
	if(isset($_POST['user'])){
		if($count==1){
			session_register("user");
			session_register("password"); 
			header("location:index.php");
		}else{
			$false_enc = '<b><font color="#CC0000">Incorrect details</font></b>';
			$enc_type = 'text-input-wrong';
		}
	}else{
		$false_enc = 'Need help? Contact the <a href="http://website.com/contact">Admin</a>';
		$enc_type = 'text-input';
	}
?>
The form being:
                <form action="login.php" method="post" id="login">  
                    <div class="field">  
                        <label for="email">Email</label>  
                        <input type="text" name="user" id="user" class="<?php echo $enc_type; ?>" placeholder="you@email.net" />  
                    </div>  
                    <div class="field">  
                        <label for="password">Password</label>  
                        <input type="password" name="password" id="password" class="<?php echo $enc_type; ?>" placeholder="'ooh, secret'" />  
                    </div>
                    <div class="action clearfix"> 
                        <input type="submit" value="Submit" /> 
                        <div class="enc">
                    		<?php echo $false_enc; ?>
                    	</div> 
                    </div>
                </form>
I (as stated in the title) want to echo the user's email (username) on a different page, which has this this validation script:
session_start();
	if(!session_is_registered(user)){
		header("location:login.php");
	}
And yes, the email is encrypted with MD_5, but I am likely to change all of that to suit this.

Please help me, I tried to find this on Google but none of that actually worked for me :/

(oh, and first topic by me :D yay!)
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Echo logged in username

Post by jacek »

Well fist thing, replace those session_register() functions with the use of $_SESSION as detailed here http://php.net/manual/en/function.session-register.php

Then if you store the email address in the session when they log in you can then use that variable to output it later on

So do this when they get the password correct.
$_SESSION['email'] = $_POST['user'];
and this to output it later
echo $_SESSION['email'];
Oh, also yay for first post :D
Image
User avatar
Helx
Posts: 350
Joined: Thu May 17, 2012 6:45 am
Location: Auckland, New Zealand

Re: Echo logged in username

Post by Helx »

jacek wrote:Well fist thing, replace those session_register() functions with the use of $_SESSION as detailed here http://php.net/manual/en/function.session-register.php
Oh hehe, deprecation is a b**** :lol: explains why the login wouldn't work on my main host.

As always, worked like a charm. :)
Thanks :]
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Echo logged in username

Post by jacek »

abcedea wrote:As always, worked like a charm. :)
:D :D

Btw, I love this

ImageImageImageImageImageImageImageImageImageImage
Image
janvier123
Posts: 23
Joined: Tue Apr 17, 2012 6:25 am

Re: Echo logged in username

Post by janvier123 »

abcedea wrote:And yes, the email is encrypted with MD_5, but I am likely to change all of that to suit this.
Why would you MD5 a email? This makes no sens to me, untill you have 80.000 CPU hours to decode the md5, this is kinda useless
(Google MD5 Hacked)
User avatar
Helx
Posts: 350
Joined: Thu May 17, 2012 6:45 am
Location: Auckland, New Zealand

Re: Echo logged in username

Post by Helx »

janvier123 wrote:Why would you MD5 a email? This makes no sens to me, untill you have 80.000 CPU hours to decode the md5, this is kinda useless
(Google MD5 Hacked)
Like I said, I'm likely to change this.

I get really paranoid sometimes...
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Echo logged in username

Post by jacek »

If you are only using the email for login it might be quite nice as a way to assure people that you won't sell their email address to spammers if you don't actually store it :)
Image
Post Reply