PHP files for users -
i'm trying understand concept i've been trying learn last couple days;
i see many social networks using user's id in url after file (example: "socialnetwork.php?id=123") navigate user.
i want make profile.php
same thing instead of directing me homepage everytime.
question: how can use user's id in database read out unique profile data them in single file? - furthermore, should add register_config.php
file allow this?
<?php //requiring pass api config require 'password_config.php'; require 'connect.php'; //variables post data //other variables $email = $_post['register_email']; $username = $_post['register_username']; $userlen = strlen($username); $password = $_post['register_password']; $passlen = strlen($password); $submit = $_post['register_submit']; $hash_password = password_hash($password,password_bcrypt); $query = "select email users email = '$email'"; $query2 = mysql_query($query); $num_rows_email = mysql_num_rows($query2); $query3 = "select username users username = '$username'"; $query4 = mysql_query($query3); $num_rows_username = mysql_num_rows($query4); if(isset($submit)) { $errors = array(); if( $password == $username ) { $errors[] = '-same username , pass. '; } elseif( $userlen < 8 ) { $errors[] = '-username must atleast 8 characters. '; } elseif( $userlen > 32 ) { $errors[] = '-username must contain 32 characters. '; } elseif( empty($username) || empty($password) || empty($email) ) { $errors[] = '-please not leave fields empty. '; } elseif( $passlen < 8 ) { $errors[] = '-password must atleast 8 characters. '; } elseif( $passlen > 32 ) { $errors[] = '-password must contain 32 characters. '; } elseif( $num_rows_email != 0 ) { $errors[] = 'email exists'; } elseif( $num_rows_username != 0 ) { $errors[] = 'username exists'; } //if there no errors if (count($errors) == 0) { session_start(); $_session['username'] = $username; $insertuser = "insert users (email, username, password) values ('$email','$username','$hash_password')"; mysql_query($insertuser); //trying things have found, didnt work $getuid = "select id users email = '$email'"; $results = mysql_query($getuid); while($row = mysql_fetch_array($results)){ $uid = $row['id']; if(!file_exists("user/$uid")){mkdir("user/$uid", 0755);} } mail($email,'welcome','welcome site'); header('location: ../new_account.php'); exit(); } } ?>
note: -i know did not clean post data.
profile.php
code:
<?php session_start(); require 'include/connect.php'; if(!$_session['key']){die('no key');} $sql = "select * users id = '$uid'"; $query = mysql_query($sql); while($row = mysql_fetch_array($query)){ $user = $row['username']; } ?> <html> <head> <title>profile</title> <link href='css/main.css' rel='stylesheet' /> </head> <body> <div id='container'> <?php require 'include/header.php'; ?> <?= 'njm id # ==>'.$_session['uid'].'<br />'.'username ==>'.$user; ?> <br /> <p>try our beta mode<a href='forum/forum.php'> forum</a></p> <br /> <p><a href='find_friends.php'>find friends</a></p> <br /> <p><a href='index.php'>home</a></p> <?php require 'include/footer.php'; ?> </div> </div> </body> </html>
the parts of url refer known get
parameters. can access them in php via $_get
.
for example url specified has id
parameter, in php value of $_get['id']
.
in situation if wanted load user's information via id take value $_get['id']
, assign variable e.g. $id
.
then in where
clause of database query specify where id = $id
make use of this.
this technique assumes have id primary key or similar can reference in users
table.
please note get
parameters susceptible sql injection since it's easy supply values them. must sanitise , validate input. ideally might want using pdo , prepared statements bind inputs queries prevent sql injections.
Comments
Post a Comment