dongyan1936
2018-04-13 19:26
浏览 67
已采纳

PHP / SQL在表单完成时存储当前登录用户的名称

Once users are logged into my website, they can fill out a form which has two fields, "project name" and "project description".

I need help storing the username of the person who filled that form out.

For example, if I was to be logged in as Admin and filled the form out, in the database it should show the username Admin next to the form information.

Help is much appreciated and thank you in advance!

The form DB:
Database name: formsystem
Table name: form
Column I want to save the usernames to: form_user

My Code (groupForm.php):

<?php
    session_start();
?>

<!DOCTYPE html>
<html>
  <head>
  <meta charset="UTF-8">
    <title></title>
     <link rel="stylesheet" href="./css/form.css">
     <link rel="stylesheet" href="./css/style.css">
  </head>
  <body>
  <header>
    <nav>
        <div class="main-wrapper">
        <div id="branding">
        <li><h1><span><a href="homepage.php">ProjectNet</a></span></li>
        </div>
            <div class="nav-login">
                <?php
                    if (isset($_SESSION['u_id'])) {
                        echo '<form action="includes/logout.inc.php" method="POST">
                              <button type="submit" name="submit">Logout</button>
                              </form>';
                    } else {
                        echo '<form action="includes/login.inc.php" method="POST"> 
                              <input type="text" name="uid" placeholder="Username/Email">
                              <input type="password" name="pwd" placeholder="Password">
                              <button type="submit" name="submit">Login</button>
                              </form>
                              <a href="signup.php">Sign up</a>';
                    }
                ?>
        </div>
    </nav>
    </header>
    <section id="showcase1">
<div class="container">  
  <form id="contact" action="includes/form_process.php" method="POST">
    <h3>Creating a Group</h3>
    <h4>Please fill out the sections below.</h4>
    <fieldset>
      <input placeholder="Project title" type="text" name="name">
    </fieldset>
    <fieldset>
      <textarea placeholder="Description of the project...." type="text" name="message" ></textarea>
    </fieldset>
    <fieldset>
    <button name="submit" type="submit">Create</button>
    </fieldset>
  </form>
</div>
</section>
  </body> 
</html>

Backend Code (form_process.php):

<?php

session_start();

if (isset($_POST['submit'])) {

    function fetch_user_info($u_id){
    $u_id = (int)$u_id;

    $sql = "SELECT `user_uid` AS `username` FROM `users` WHERE `user_id` = {$u_id}";

    $result = mysql_query($sql);

    return mysql_fetch_assoc($result);
}

    include_once 'formDatabaseConnection.php';

    $name = mysqli_real_escape_string($conn, $_POST['name']);
    $message = mysqli_real_escape_string($conn, $_POST['message']);

    //Check for empty fields
    if (empty($name) || empty($message)) {
        header("Location: ../groupForm.php?signup=empty");
        exit();
    } else {
        //Insert the user into the database
                $sql = "INSERT INTO form (form_user, form_name, form_description) VALUES ('$u_id', '$name', '$message');";

                mysqli_query($conn, $sql);
                header("Location: ../findGroup.php");
                exit();
    }


} else {
    header("Location: ../groupForm.php");
    exit();
}

UPDATES:
Login code(login.inc.php):

<?php

session_start();

if (isset($_POST['submit'])) {

    include 'dbh.inc.php';

    $uid = mysqli_real_escape_string($conn, $_POST['uid']);
    $pwd = mysqli_real_escape_string($conn, $_POST['pwd']);

    //Error handlers
    //Check if inputs are empty
    if (empty($uid) || empty($pwd)) {
        header("Location: ../index.php?login=empty");
        exit();
    } else {
        $sql = "SELECT * FROM users WHERE user_uid='$uid' OR user_email='$uid'";
        $result = mysqli_query($conn, $sql);
        $resultCheck = mysqli_num_rows($result);
        if ($resultCheck < 1) {
            header("Location: ../index.php?login=error");
            exit();
        } else {
            if ($row = mysqli_fetch_assoc($result)) {
                //De-hashing the password
                $hashedPwdCheck = password_verify($pwd, $row['user_pwd']);
                if ($hashedPwdCheck == false) {
                    header("Location: ../index.php?login=error");
                    exit();
                } elseif ($hashedPwdCheck == true) {
                    //log in the user here
                    $_SESSION['u_id'] = $row['user_id'];
                    $_SESSION['u_first'] = $row['user_first'];
                    $_SESSION['u_last'] = $row['user_last'];
                    $_SESSION['u_email'] = $row['user_email'];
                    $_SESSION['u_uid'] = $row['user_uid'];

                    header("Location: ../homepage.php");
                    exit();
                }
            }
        }
    }

} else {
    header("Location: ../index.php?login=error");
    exit();
}
  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • duanke2503 2018-04-15 14:28
    已采纳

    When a user logging in your system, store that user's ID & user name in session & retrieve that user name when you want to save it & replace your form_user value with that session value. Check below code for more clarification.

    $username = $_SESSION['u_first']. ' '.$_SESSION['u_last'];
    $sql = "INSERT INTO form (form_user, form_name, form_description) VALUES ($username, $name, $message)";
    
    点赞 打赏 评论

相关推荐 更多相似问题