使用登录会话将数据显示到文本输入字段 php mysqli
Displaying data to text input field php mysqli with login session
您好,登录后如何根据会话显示用户信息?我想在文本输入字段中显示,我已经创建了会话并包含 dbconfig.php。它没有出现在文本输入字段中。我的 mysqli 查询有问题吗?任何帮助真的很感激..
这是我的stdProfile.php
<body>
<?php
// connect to the database
include('dbconfig.php');
// get record from db
$sql = "SELECT id, stdName, stdMatric, stdFaculty, stdPhone from student";
$result = $mysqli-> query($sql);
session_start();
$_SESSION['stdName'] = $stdName;
while($row=mysqli_fetch_assoc($result))
{
$stdName = $row['stdName'];
$stdMatric = $row['stdMatric'];
$stdFaculty = $row['stdFaculty'];
$stdPhone = $row['stdPhone'];
}
?>
<h3 style="margin-left: 1em; margin-top: 1em;text-decoration: underline;">Student Profile</h3>
<div style="margin-left: 1em;">
<div class="form">
<div class="row">
<div class="col-xs-4">
<label>Student Name</label>
<input type="text" class="form-control" name="stdName" value="<?=$row['stdName']?>" readonly>
</div>
</div>
<br />
<div class="row">
<div class="col-xs-4">
<label>Student Matric</label>
<input class="form-control" name="stdMatric" value="<?=$row['stdMatric']?>" readonly>
</div>
</div>
<br>
<div class="row">
<div class="col-xs-4">
<label>Student Faculty</label>
<input class="form-control" name="stdFaculty" value="<?=$row['stdFaculty']?>" readonly>
</div>
</div>
<br />
<div class="row">
<div class="col-xs-4">
<label>Student Phone</label>
<input class="form-control" name="stdPhone" value="<?=$row['stdPhone']?>" readonly>
</div>
</div>
<br />
<button type="button" class="btn btn-danger" onclick="location.href='../view/custHomePage.php?
cust_ID=<?=$_SESSION['cust_ID']?>'">Cancel</button>
<button type="button" class="btn btn-warning" data-toggle="modal" data-
target="#updateModal">Edit Profile</button>
</div>
</div>
</body>
</html>
这是我的dbconfig.php
<?php
// server info
$server = 'localhost';
$user = 'root';
$pass = '';
$db = 'userprofile';
// connect to the database
$mysqli = new mysqli($server, $user, $pass, $db);
// show errors
mysqli_report(MYSQLI_REPORT_ERROR);
?>
这是我的输出,出现错误并且数据未出现在文本字段中,非常感谢您的帮助..
未定义的变量 错误是因为您试图在定义它之前读取它。
$_SESSION['stdName'] = $stdName; // Undefined variable
// Some code...
$stdName = $row['stdName']; // Defining it here
然后,在您的 HTML 表单中,您无法访问 $row。打印您在 SQL 查询后定义的变量。
改变这个:
<input type="text" class="form-control" name="stdName" value="<?=$row['stdName']?>" readonly>
为此:
<input type="text" class="form-control" name="stdName" value="<?=$stdName?>" readonly>
假设您已经记录并存储了用户数据。
login.php
<?php
// Proceed if actually get auth credentials
if(isset($_POST['user']) && isset($_POST['pass'])){
include('dbconfig.php');
$user = $_POST['user'];
// There are different methods to process passwords, so I suggest to take a look on password_hash() and password_verify()
$pass = $_POST['pass'];
// Use prepared statements to make it more secure
$sql = "SELECT id, stdName, stdMatric, stdFaculty, stdPhone from student
WHERE user = ? AND pass = ?";
// Prepare statement and bind params
$stmt = $conn->prepare($sql);
$stmt->bind_param("ss", $user, $pass);
// Execute statement and get results
$stmt->execute();
$result = $stmt->get_result();
// If there's actually at least one record that matches
if($results->num_rows >= 1){
$data = $result->fetch_assoc();
// Store all the student retrieved data in session variables
session_start();
$_SESSION = $data;
// Redirect to profile
header("Location: stdProfile.php");
}else{
// Do something if wrong user/pass
}
$conn->close();
}
?>
然后,您不必在学生个人资料或任何其他页面上再次 运行 sql 查询,因为您已将数据存储在 $_SESSION
中
作为@Dharman suggested, take a look at and bcrypt & password hashing in PHP
stdProfile.php
<?php
session_start();
if(!isset($_SESSION['id'])){
/* If no user stored in session (logged user)
return to index or loggin form */
header("Location: index.php");
}
// Store the $_SESSION in a more handy variable
$std = $_SESSION;
?>
然后stdProfile.php
的HTML形式
<input type="text" class="form-control" name="stdName" value="<?=$std['stdName']?>" readonly>
您好,登录后如何根据会话显示用户信息?我想在文本输入字段中显示,我已经创建了会话并包含 dbconfig.php。它没有出现在文本输入字段中。我的 mysqli 查询有问题吗?任何帮助真的很感激..
这是我的stdProfile.php
<body>
<?php
// connect to the database
include('dbconfig.php');
// get record from db
$sql = "SELECT id, stdName, stdMatric, stdFaculty, stdPhone from student";
$result = $mysqli-> query($sql);
session_start();
$_SESSION['stdName'] = $stdName;
while($row=mysqli_fetch_assoc($result))
{
$stdName = $row['stdName'];
$stdMatric = $row['stdMatric'];
$stdFaculty = $row['stdFaculty'];
$stdPhone = $row['stdPhone'];
}
?>
<h3 style="margin-left: 1em; margin-top: 1em;text-decoration: underline;">Student Profile</h3>
<div style="margin-left: 1em;">
<div class="form">
<div class="row">
<div class="col-xs-4">
<label>Student Name</label>
<input type="text" class="form-control" name="stdName" value="<?=$row['stdName']?>" readonly>
</div>
</div>
<br />
<div class="row">
<div class="col-xs-4">
<label>Student Matric</label>
<input class="form-control" name="stdMatric" value="<?=$row['stdMatric']?>" readonly>
</div>
</div>
<br>
<div class="row">
<div class="col-xs-4">
<label>Student Faculty</label>
<input class="form-control" name="stdFaculty" value="<?=$row['stdFaculty']?>" readonly>
</div>
</div>
<br />
<div class="row">
<div class="col-xs-4">
<label>Student Phone</label>
<input class="form-control" name="stdPhone" value="<?=$row['stdPhone']?>" readonly>
</div>
</div>
<br />
<button type="button" class="btn btn-danger" onclick="location.href='../view/custHomePage.php?
cust_ID=<?=$_SESSION['cust_ID']?>'">Cancel</button>
<button type="button" class="btn btn-warning" data-toggle="modal" data-
target="#updateModal">Edit Profile</button>
</div>
</div>
</body>
</html>
这是我的dbconfig.php
<?php
// server info
$server = 'localhost';
$user = 'root';
$pass = '';
$db = 'userprofile';
// connect to the database
$mysqli = new mysqli($server, $user, $pass, $db);
// show errors
mysqli_report(MYSQLI_REPORT_ERROR);
?>
这是我的输出,出现错误并且数据未出现在文本字段中,非常感谢您的帮助..
未定义的变量 错误是因为您试图在定义它之前读取它。
$_SESSION['stdName'] = $stdName; // Undefined variable
// Some code...
$stdName = $row['stdName']; // Defining it here
然后,在您的 HTML 表单中,您无法访问 $row。打印您在 SQL 查询后定义的变量。
改变这个:
<input type="text" class="form-control" name="stdName" value="<?=$row['stdName']?>" readonly>
为此:
<input type="text" class="form-control" name="stdName" value="<?=$stdName?>" readonly>
假设您已经记录并存储了用户数据。
login.php
<?php
// Proceed if actually get auth credentials
if(isset($_POST['user']) && isset($_POST['pass'])){
include('dbconfig.php');
$user = $_POST['user'];
// There are different methods to process passwords, so I suggest to take a look on password_hash() and password_verify()
$pass = $_POST['pass'];
// Use prepared statements to make it more secure
$sql = "SELECT id, stdName, stdMatric, stdFaculty, stdPhone from student
WHERE user = ? AND pass = ?";
// Prepare statement and bind params
$stmt = $conn->prepare($sql);
$stmt->bind_param("ss", $user, $pass);
// Execute statement and get results
$stmt->execute();
$result = $stmt->get_result();
// If there's actually at least one record that matches
if($results->num_rows >= 1){
$data = $result->fetch_assoc();
// Store all the student retrieved data in session variables
session_start();
$_SESSION = $data;
// Redirect to profile
header("Location: stdProfile.php");
}else{
// Do something if wrong user/pass
}
$conn->close();
}
?>
然后,您不必在学生个人资料或任何其他页面上再次 运行 sql 查询,因为您已将数据存储在 $_SESSION
中作为@Dharman suggested, take a look at
stdProfile.php
<?php
session_start();
if(!isset($_SESSION['id'])){
/* If no user stored in session (logged user)
return to index or loggin form */
header("Location: index.php");
}
// Store the $_SESSION in a more handy variable
$std = $_SESSION;
?>
然后stdProfile.php
的HTML形式<input type="text" class="form-control" name="stdName" value="<?=$std['stdName']?>" readonly>