0

我有在线条目,我使用登录名进入所需页面,一切正常,想更新此登录名。要跟踪使用,请插入此条目。请帮助我在我的标题(“位置:kycapps.php”)页面中回显登录用户ID。并将用户存储在表格列中。

enter code here



<?php
 //Start session
 session_start();

 //Include database connection details
 require_once('db.php');

 //Array to store validation errors
 $errmsg_arr = array();

  //Validation error flag
   $errflag = false;

 /  /Function to sanitize values received from the form. Prevents SQL injection
 function clean($str) {
 $str = @trim($str);
 if(get_magic_quotes_gpc()) {
 $str = stripslashes($str);
  }
  return mysql_real_escape_string($str);
 }

  //Sanitize the POST values
 $username = clean($_POST['username']);
 $password = clean($_POST['password']);

 //Input Validations
 if($username == '') {
  $errmsg_arr[] = 'Username missing';
 $errflag = true;
 }
 if($password == '') {
 $errmsg_arr[] = 'Password missing';
 $errflag = true;
 }

 //If there are input validations, redirect back to the login form
 if($errflag) {
 $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
 session_write_close();
 header("location: index.php");
 exit();
 }

 //Create query
 $qry="SELECT * FROM user WHERE username='$username' 
  AND   password='".md5($_POST['password'])."'";
   $result=mysql_query($qry);

  //Check whether the query was successful or not
 if($result) {
  if(mysql_num_rows($result) > 0) {
  //Login Successful
  session_regenerate_id();
  $member = mysql_fetch_assoc($result);
  $_SESSION['SESS_MEMBER_ID'] = $member['id'];
  $_SESSION['SESS_FIRST_NAME'] = $member['username'];
  $_SESSION['SESS_LAST_NAME'] = $member['password'];
  session_write_close();
  header("location: kycapps.php");
  exit();
  }else {
  //Login failed
  $errmsg_arr[] = 'user name and password not found';
  $errflag = true;
  if($errflag) {
  $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
  session_write_close();
  echo("Successful Login!");
    session_start();

     $_SESSION['SESS_FIRST_NAME'] = $member['username'];
   header("location: index.php");
   exit();
   }
 }
 }else {
 die("Query failed");
 }
 ?>
4

0 回答 0