I'm rather new to php and mysql, but I've managed to achieve a lot over the past weeks. I currently have a form that users fill out, and it stores the category and contents they provide.
Additionally, in order to create users I've followed this tutorial ( http://www.wikihow.com/Create-a-Secure-Login-Script-in-PHP-and-MySQL ) and have working user accounts and security linked with the page. This may be a simple question but I'm a bit stumped with how to link up a feature I need.
In short I want the insert line from my send_post.php to detect the currently logged in user and store it in a row called "contributor" or the like.
mysqli_query($connect,"INSERT INTO mytable (category, contents, date)
VALUES ('$_POST[category]', '$_POST[contents]', NOW())");
So it obviously needs to be (category, contents, date, contributor) but I'm not sure how to pull the currently logged in username and define it as 'contributor' in my send_post.php
[Via the tutorial, usernames are stored in a separate table named 'members' along with their numerical ID, email, hashed password, and salt. I know how to call that information but no idea how to get the current user.]
Here is the full send_post.php
<?php
include 'db_connect.php';
include 'functions.php';
sec_session_start();
if(login_check($mysqli) == true) {
//Connecting to sql db.
$connect=mysqli_connect("localhost","mydbusername","mydbpass","mysqldb");
header("Location: http://mysite.com/1.php");
if (mysqli_connect_errno()) { echo "Fail"; } else { echo "Success"; }
//Sending form data to sql db.
mysqli_query($connect,"INSERT INTO mytable (category, contents, date)
VALUES ('$_POST[category]', '$_POST[contents]', NOW())");
} else {
echo 'Access denied. <br/>';
}
?>
I would be very grateful and upvote for any help. Thanks
Edit, Current send_post.php
<?php
include 'db_connect.php';
include 'functions.php';
sec_session_start();
if(login_check($mysqli) == true) {
//Connecting to sql db.
$connect=mysqli_connect("localhost","myusername","mypassword","mysqldb");
header("Location: http://mysite.com/1.php");
if (mysqli_connect_errno()) { echo "Fail"; } else { echo "Success"; }
$stmt = $mysqli -> prepare('INSERT INTO mytable (category, contents, date, userid)
VALUES (?,?,NOW(),?)');
$stmt -> bind_params('ssi', $_POST['category'], $_POST['contents'], $_SESSION['user_id']);
$stmt -> execute();
} else {
echo 'Access denied. <br/>';
}
?>
EDIT 2, Errors: (actually I got 3)
[07-Oct-2013 21:05:54] PHP Fatal error: Call to undefined method mysqli_stmt::bind_params() in /home2/mememe/public_html/mysite/send_post.php on line 22
[07-Oct-2013 21:05:54] PHP Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home2/mememe/public_html/mysite/index_3.php:7) in /home2/mememe/public_html/mysite/functions.php on line 12
[07-Oct-2013 21:05:54] PHP Warning: session_regenerate_id() [function.session-regenerate-id]: Cannot regenerate session id - headers already sent in /home2/mememe/public_html/mysite/functions.php on line 13
Edit 3: echo returns
Array ( [user_id] => 3 [username] => THEUSERNAME [login_string] => tons of hash infor like 4eb86947c8007ef1d0bb658168a76affa5c666518d3b58d76bf3040dc36d7a399c6c110a8c7f0d9f03d2b4d63271bd1335c61311edb152670f010f04583e7578 )