帮助从数据库中提取当前记录的用户 ID 和名字答案

【问题标题】：Kind Assistance with Pulling Currently Logged User ID and First Name from Database帮助从数据库中提取当前记录的用户 ID 和名字
【发布时间】：2017-04-10 08:36:59
【问题描述】：

我正在构建一个学习计划器，在登录后只有一个欢迎区域。我目前正在尝试获取当前登录用户的用户 ID，以便在此欢迎区域的 SQL 更新查询中使用作为用户在欢迎消息中使用的名字。

我尝试将$_SESSION['user_id'] = userid; 和$_SESSION['user_firstname'] = firstname; 放在$_SESSION['login_user'] = $username; 之后($_SESSION['login_user'] = $username; 工作正常）但是在登录页面时，我收到这些错误：Notice: Use of undefined constant userid - assumed 'userid' in C:\wamp64\www\justread\session.php on line 11 和Notice: Use of undefined constant firstname - assumed 'firstname' in C:\wamp64\www\justread\session.php on line 12。

现在，我知道错误要我先对“userid”和“firstname”进行某种初始化，然后再使用它们来设置会话变量，但我不知道该怎么做，所以我想知道如果有人可以帮助我，请。

提前谢谢你。

如果需要，我可以发布更多代码，但我认为相关的代码是：

<?php

// Start session
session_start();
// Variable to store error message
$error ="";
// If the login form (Note that the 'submit' refers to the 'name' attribute of the login form) has been submitted...
if (isset($_POST['submit'])) {
    // If username or password is not provided...
    if (empty($_POST['username']) || empty($_POST['password'])) {
        // ...tell user that login details are invalid.
        $error = "Please fill in both your username and your password";
        // Else...
    } else {
        // ...put the provided username and password in variables $username and $password, respectively
        $username = $_POST['username'];
        $password = $_POST['password'];
        // Establish connection to the server
        $mysqli = mysqli_connect("localhost", "root", "");
        // set up measures to counter potential MySQL injections
        $username = stripslashes($username);
        $password = stripslashes($password);
        $username = mysqli_real_escape_string($mysqli, $username);
        $password = mysqli_real_escape_string($mysqli, $password);
        // Select Database
        $db = mysqli_select_db($mysqli, "p00702");
        // SQL query to fetch information of registerd users and find user match.
        $query = mysqli_query($mysqli, "SELECT * from logins WHERE password='$password' AND username='$username'");
        // Return the number of rows of the query result and put it in $rows variable
        $rows = mysqli_num_rows($query);
        // If rows are equal to one...
        if ($rows == 1) {
            unset($_SESSION['error']);
            // Initialize session with the username of the user...
            $_SESSION['login_user'] = $username;
            // Set the user ID of the user
            $_SESSION['user_id'] = userid;
            // Set the user first name of the user
            $_SESSION['user_firstname'] = firstname;
            // ...and redirect to the homepage.
            header("Location: welcome.php");
            // Make sure that codes below do not execut upon redirection.
            exit;
        // Else, 
        } else {
            // and tell user that the login credentials are invalid.
            $error = "Your username or password is invalid";
            $_SESSION['error'] = $error;
            // redirect user to the home page (index.php)
            header("Location: index.php");
        }
        // ...and close connection
        mysqli_close($mysqli);
    }
}

session.php

<?php

// Establish connection to the server
$mysqli = mysqli_connect("localhost", "root", "");
// Selecting Database
$db = mysqli_select_db($mysqli, "p00702");
// Starting session
session_start();
// Storing Session
$user_check = $_SESSION['login_user'];
$_SESSION['user_id'] = userid;
$_SESSION['user_firstname'] = firstname;
// Test to see the content of the global session variable
print_r($_SESSION);
// SQL Query To Fetch Complete Information Of User
$ses_sql = mysqli_query($mysqli, "SELECT username FROM logins WHERE username='$user_check'");
$row = mysqli_fetch_assoc($ses_sql);
$login_session = $row['username'];
if (!isset($login_session)) {
    // Closing Connection
    mysqli_close($mysqli);
    // Redirecting To Home Page
    header('Location: index.php');
    // Make sure that codes below do not execut upon redirection.
    exit;
}

【问题讨论】：

标签： php mysql session login

【解决方案1】：

在 PHP 中，变量名以“$”符号开头。此外，在 login.php 中，您必须使用 mysqli_fetch_row 或任何类似函数来获取数据。我假设您在登录后重定向到 session.php。在这种情况下，您不必为会话变量分配任何内容。它已经在那里了。您所要做的就是访问它。

<?php

// Start session
session_start();
// Variable to store error message
$error ="";
// If the login form (Note that the 'submit' refers to the 'name' attribute of the login form) has been submitted...
if (isset($_POST['submit'])) {
    // If username or password is not provided...
    if (empty($_POST['username']) || empty($_POST['password'])) {
        // ...tell user that login details are invalid.
        $error = "Please fill in both your username and your password";
        // Else...
    } else {
        // ...put the provided username and password in variables $username and $password, respectively
        $username = $_POST['username'];
        $password = $_POST['password'];
        // Establish connection to the server
        $mysqli = mysqli_connect("localhost", "root", "");
        // set up measures to counter potential MySQL injections
        $username = stripslashes($username);
        $password = stripslashes($password);
        $username = mysqli_real_escape_string($mysqli, $username);
        $password = mysqli_real_escape_string($mysqli, $password);
        // Select Database
        $db = mysqli_select_db($mysqli, "p00702");
        // SQL query to fetch information of registerd users and find user match.
        $query = mysqli_query($mysqli, "SELECT * from logins WHERE password='$password' AND username='$username'");
        // Return the number of rows of the query result and put it in $rows variable
        $rows = mysqli_num_rows($query);
        // If rows are equal to one...
        if ($rows == 1) {
            $row = mysql_fetch_object($query);
            unset($_SESSION['error']);
            // Initialize session with the username of the user...
            $_SESSION['login_user'] = $username;
            // Set the user ID of the user
            $_SESSION['user_id'] = $row->userid;
            // Set the user first name of the user
            $_SESSION['user_firstname'] = $row->firstname;
            // ...and redirect to the homepage.
            header("Location: welcome.php");
            // Make sure that codes below do not execut upon redirection.
            exit;
        // Else, 
        } else {
            // and tell user that the login credentials are invalid.
            $error = "Your username or password is invalid";
            $_SESSION['error'] = $error;
            // redirect user to the home page (index.php)
            header("Location: index.php");
        }
        // ...and close connection
        mysqli_close($mysqli);
    }
}

session.php

<?php

// Establish connection to the server
$mysqli = mysqli_connect("localhost", "root", "");
// Selecting Database
$db = mysqli_select_db($mysqli, "p00702");
// Starting session
session_start();

if (!isset($_SESSION['user_id'])) {
    // Closing Connection
    // Redirecting To Home Page
    header('Location: index.php');
    // Make sure that codes below do not execut upon redirection.
    exit;
}
print_r($_SESSION);

另外，将连接部分移至单独的文件并将其包含在所有脚本中，这样当您的凭据更改时，您不必在所有文件中进行更改。

【讨论】：

非常感谢您回复我。我输入了以下几行： $row = mysql_fetch_object($query); $_SESSION['user_id'] = $row->userid; $_SESSION['user_firstname'] = $row->firstname;但它仍然会出现同样的错误。请问我还有什么遗漏的吗？
检查您的 session.php 文件。那一开始就不应该有那个赋值操作。
嘿，我到了某个地方。现在显示用户 ID，我只需要对名字方面进行排序。我会让你知道。再次感谢您。
我现在整理好了，非常感谢。愿您在需要时也能得到帮助。