How to make a welcome screen in PHP?

1

I want to create a welcome page for the user who logged into the site.

My difficulty is in creating the query as I do it and show the user name through an echo?

login.php form

<?php 
    session_start();
    if(isset($_POST['submit'])){
        $user = $_POST['username'];
        $pwrd = $_POST['pwrd'];
        //include database connection
        include('includes/db_connect.php');
        if(empty($user) || empty($pwrd)){
            echo 'Nada informado';
        }else{
            //prevenção de sql injection
            $user = strip_tags($user);
            $user = $db->real_escape_string($user);
            $pwrd = strip_tags($pwrd);
            $pwrd = $db->real_escape_string($pwrd);
            $pwrd = md5($pwrd);
            $query = $db-> query("SELECT user_id, username FROM user WHERE username='$user' AND password='$pwrd'");

            //echo $query->num_rows; ver se tem algo no banco

            if($query->num_rows === 1){
                while($row = $query->fetch_object()){
                    $_SESSION['user_id'] = $row->user_id;       
                }


                header('Location: admin/index.php');
                exit();
        }else{
            echo 'Nada informado';
        }
      }
    }

    ?>

index.php welcome page

    <?php 

    include('../includes/db_connect.php');

    $query = $db-> query("SELECT user_id, username FROM user WHERE username='$user'");


    echo 'bem vindo: $ não sei o que colocar aqui';


    ?>

database -login.php-

-index.php-thisiswhatIwanttohappen,gettheloginusernameanddisplayitonawelcomescreen.

    
asked by anonymous 30.06.2017 / 06:22

2 answers

1

In this case your index page should be:

 <?php 
 session_start();
 echo "bem vindo: ".$_SESSION['username'];
 ?>

Notice that in the login file, in this section:

$_SESSION['username'] = $row->username;

The result of SELECT is assigned to the session variable.

Another detail, while is unnecessary, since to assign the user id to the session variable we have this conditional:

if($query->num_rows === 1)//se o resultado da query === 1...execute

then this could be:

if($query->num_rows === 1)
{    $row = $query->fetch_object();
     $_SESSION['username'] = $row->username;       
     header('Location: admin/index.php');
     exit();
}else
{    echo 'Nada informado';
}

I think that's it. I do not remember if in index, will need to start the session, but PHP warns ... Test if error gives warning, agent corrects.

    
30.06.2017 / 06:57
0

You have done this:

$query = $db-> query("SELECT user_id, username FROM user WHERE username='$user'");

echo 'bem vindo: $ não sei o que colocar aqui';

But it was missing to do the Fetch of the data for an object: $dado = $query->fetch_object();

Then you can use it in two ways.

echo 'bem vindo: '.$dados->username; (In your SQL, you are not looking for the name of the user in the database.) Do you have a column with name there? If you have change your SQL, and put $ data-> name

or

echo "bem vindo: $dados->username";

Did you notice the difference with double quotation marks?

    
30.06.2017 / 15:54