I would like to modify the script below to pull additional information from the database when the user is redirected.
The extra information I want to pull through is in the same table as username and password and is labeled fname. I am very new to php so any help to point me in the right direction would be very much appreciated.
I know I could use the username (and that does work if I replace fname with username in the script on the redirected page) but that is an email so does not look good as a greeting to a logged on user
Here is the script to log in the user and redirect that is working fine:
<?php
session_start();
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="trydata"; // Database name
$tbl_name="users"; // Table name
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['username'];
$mypassword=$_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql = "SELECT *
FROM $tbl_name
WHERE username='$myusername'
AND password='$mypassword'";
$result = mysql_query($sql);
// Mysql_num_row is counting table row
$count = mysql_num_rows($result);
// If result matched $myusername and $mypassword,
// table row must be 1 row
if($count == 1){
// Register $myusername, $mypassword
// and redirect to file"login_success.php"
$_SESSION['username'] = $myusername;
$_SESSION['password'] = $mypassword;
// get the result set from the query
$result = mysql_fetch_array($result);
// get the redirect column's value
$redirect = trim($result['redirect']);
if ($redirect == '') {
echo "No redirect value was set!";
} else {
header('Location: ' . $redirect);
exit;
}
} else {
echo "Wrong Username or Password";
}
?>
Here is the script in the redirected page that is not pulling through the fname from the database:
<?php
// start up your PHP session!
session_start();
if ($_SESSION["username"]) {
echo "You are logged in as ".$_SESSION['fname'];
echo "<p>";
echo "<a href='aapage.php'>here is the aapage</a>";
echo "<a href='logout.php'> Click here to logout<a/>";
} else {
header ("Location: form.php");
}
?>