Once users are logged into my website, they can fill out a form which has two fields, "project name" and "project description".
I need help storing the username of the person who filled that form out.
For example, if I was to be logged in as Admin and filled the form out, in the database it should show the username Admin next to the form information.
Help is much appreciated and thank you in advance!
The form DB:
Database name: formsystem
Table name: form
Column I want to save the usernames to: form_user
My Code (groupForm.php):
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title></title>
<link rel="stylesheet" href="./css/form.css">
<link rel="stylesheet" href="./css/style.css">
</head>
<body>
<header>
<nav>
<div class="main-wrapper">
<div id="branding">
<li><h1><span><a href="homepage.php">ProjectNet</a></span></li>
</div>
<div class="nav-login">
<?php
if (isset($_SESSION['u_id'])) {
echo '<form action="includes/logout.inc.php" method="POST">
<button type="submit" name="submit">Logout</button>
</form>';
} else {
echo '<form action="includes/login.inc.php" method="POST">
<input type="text" name="uid" placeholder="Username/Email">
<input type="password" name="pwd" placeholder="Password">
<button type="submit" name="submit">Login</button>
</form>
<a href="signup.php">Sign up</a>';
}
?>
</div>
</nav>
</header>
<section id="showcase1">
<div class="container">
<form id="contact" action="includes/form_process.php" method="POST">
<h3>Creating a Group</h3>
<h4>Please fill out the sections below.</h4>
<fieldset>
<input placeholder="Project title" type="text" name="name">
</fieldset>
<fieldset>
<textarea placeholder="Description of the project...." type="text" name="message" ></textarea>
</fieldset>
<fieldset>
<button name="submit" type="submit">Create</button>
</fieldset>
</form>
</div>
</section>
</body>
</html>
Backend Code (form_process.php):
<?php
session_start();
if (isset($_POST['submit'])) {
function fetch_user_info($u_id){
$u_id = (int)$u_id;
$sql = "SELECT `user_uid` AS `username` FROM `users` WHERE `user_id` = {$u_id}";
$result = mysql_query($sql);
return mysql_fetch_assoc($result);
}
include_once 'formDatabaseConnection.php';
$name = mysqli_real_escape_string($conn, $_POST['name']);
$message = mysqli_real_escape_string($conn, $_POST['message']);
//Check for empty fields
if (empty($name) || empty($message)) {
header("Location: ../groupForm.php?signup=empty");
exit();
} else {
//Insert the user into the database
$sql = "INSERT INTO form (form_user, form_name, form_description) VALUES ('$u_id', '$name', '$message');";
mysqli_query($conn, $sql);
header("Location: ../findGroup.php");
exit();
}
} else {
header("Location: ../groupForm.php");
exit();
}
UPDATES:
Login code(login.inc.php):
<?php
session_start();
if (isset($_POST['submit'])) {
include 'dbh.inc.php';
$uid = mysqli_real_escape_string($conn, $_POST['uid']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
//Error handlers
//Check if inputs are empty
if (empty($uid) || empty($pwd)) {
header("Location: ../index.php?login=empty");
exit();
} else {
$sql = "SELECT * FROM users WHERE user_uid='$uid' OR user_email='$uid'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
if ($resultCheck < 1) {
header("Location: ../index.php?login=error");
exit();
} else {
if ($row = mysqli_fetch_assoc($result)) {
//De-hashing the password
$hashedPwdCheck = password_verify($pwd, $row['user_pwd']);
if ($hashedPwdCheck == false) {
header("Location: ../index.php?login=error");
exit();
} elseif ($hashedPwdCheck == true) {
//log in the user here
$_SESSION['u_id'] = $row['user_id'];
$_SESSION['u_first'] = $row['user_first'];
$_SESSION['u_last'] = $row['user_last'];
$_SESSION['u_email'] = $row['user_email'];
$_SESSION['u_uid'] = $row['user_uid'];
header("Location: ../homepage.php");
exit();
}
}
}
}
} else {
header("Location: ../index.php?login=error");
exit();
}
