如何在PHP中获取已登录用户的ID
嗨,我对php比较陌生,我正在使用php和phpmyadmin作为服务器制作一个预订系统数据库和网站。我需要有关数据库编码的帮助。具体来说,我正在尝试获取登录用户的id。这是我的代码:
//连接到数据库
$db=mysqli_connect('localhost'、'#'、'#'、'#'、'#');//为了安全而隐藏
//变量声明
$username=“”;
$email=“”;
$errors=array();
//如果单击register\u btn,则调用register()函数
如果(isset($_POST['register\u btn'])){
寄存器();
}
//如果单击register\u btn,则调用login()函数
如果(isset($\u POST['login\u btn'])){
登录();
}
如果(isset($\u GET['logout'])){
会话_destroy();
取消设置($_会话['user']);
标题(“location:login.php”);
}
如果(isset($_POST['picku_date'])){
书();
}
//注册用户
函数寄存器(){
全局$db,$errors;
//从表单接收所有输入值
$firstname=e($_POST['firstname']);
$姓氏=e($_POST['姓氏]);
$address=e($_POST['address']);
$home_postcode=e($home_POST['home_postcode']);
$age=e($_POST['age']);
$email=e($_POST['email']);
$username=e($_POST['username']);
$password_1=e($_POST['password_1']);
$password_2=e($_POST['password_2']);
//表单验证:确保表单填写正确
if(空($firstname)){
数组_push($errors,“需要名字”);
}
if(空($姓)){
数组_push($errors,“需要姓氏”);
}
if(空($address)){
数组_push($errors,“需要地址”);
}
如果(空($home_postcode)){
数组_push($errors,“需要家庭邮政编码”);
}
if(空($age)){
数组_push($errors,“需要年龄”);
}
如果(空($email)){
数组_push($errors,“需要电子邮件”);
}
if(空($username)){
数组_push($errors,“需要用户名”);
}
如果(空($password_1)){
数组_push($errors,“需要密码”);
}
如果($password\u 1!=$password\u 2){
数组_push($errors,“两个密码不匹配”);
}
$password=$password\u 1;
//如果表单中没有错误,请注册用户
如果(计数($errors)==0){
如果(isset($\u POST['user\u type'])){
$user_type=e($_POST['user_type']);
$query=“插入用户(名字、姓氏、地址、家庭邮政编码、年龄、电子邮件、用户名、用户类型、密码)
值(“$firstname”、“$LANSAME”、“$address”、“$home\u postcode”、“$age”、“$email”、“$username”、“$user\u type”、“$password”);
mysqli_查询($db,$query);
$\u会话['success']=“已成功创建新用户。”;
标题('location:home.php');
}否则{
$query=“插入用户(名字、姓氏、地址、家庭邮政编码、年龄、电子邮件、用户名、用户类型、密码)
值(“$firstname”、“$LANSAME”、“$address”、“$home\U postcode”、“$age”、“$email”、“$username”、“user”、“$password”);
mysqli_查询($db,$query);
//获取已创建用户的id
$logged_in_user_id=mysqli_insert_id($db);
$\u SESSION['user']=getUserById($logged_in_user_id);//将登录用户放入会话
$\会话['success']=“您现在已登录”;
标题('location:index.php');
}
}
}
//订车
功能书(){
全局$db,$errors;
//从表单接收所有输入值
$car_selected=e($_POST['car_selected']);
$picku_date=e($_POST['picku_date']);
$picku_time=e($_POST['picku_time']);
$return_date=e($u POST['return_date']);
$return_time=e($_POST['return_time']);
$collection_postcode=e($u POST['collection_postcode']);
//表单验证:确保表单填写正确
如果(空($picking_date)){
数组_push($errors,“需要拾取日期”);
}
如果(空($picku_time)){
阵列推送($errors,“需要拾取时间”);
}
如果(空($return_date)){
数组_push($errors,“需要返回日期”);
}
if(空($return_time)){
数组_push($errors,“需要返回时间”);
}
如果(空($collection_postcode)){
数组_push($errors,“需要收集邮政编码”);
}
//将所选汽车转换为该汽车的ID
$query=“选择*自车辆,其中车辆ID=”.$car\U已选择;
//如果表格中没有错误,请预订汽车
如果(计数($errors)==0){
$query=“插入预订详细信息(取车日期、取车时间、退货日期、退货时间、总成本、收款邮政编码、车辆编号、用户编号)
值(“$picking_date”、“$picking_time”、“$return_date”、“$return_time”、“$1000”、“$collection_postcode”、“$car_selected”、“$id”);
if(mysqli_查询($db,$query)){
回声“你好”;
}否则{
回显“
”$query.“
”;
echo mysqli_错误($db);
}
}
}
//从用户的id返回用户数组
函数getUserById($id){
全球$db;
$query=“从用户中选择*,其中user_id=”.$id;
$result=mysqli_查询($db$query);
$user=mysqli\u fetch\u assoc($result);
返回$user;
}
//登录用户
函数登录(){
全局$db、$username、$errors;
//获取表单值
$username=e($_POST['username']);
$password=e($_POST['password']);
//确保表格填写正确
if(空($username)){
数组_push($errors,“需要用户名”);
}
if(空($password)){
数组_push($errors,“需要密码”);
}
//如果表单上没有错误,请尝试登录
如果(计数($errors)==0){
$query=“从用户名='$username'和密码='$passwor'的用户中选择*
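// connect to database
// NOTE(review): no session_start() call is visible in this listing; $_SESSION only
// persists between requests if a session has been started before this code runs.
$db = mysqli_connect('localhost', '#', '#', '#'); // hidden for security
if (!$db) {
    // Keep the driver's message in the server log; the visitor gets a generic failure.
    error_log('Database connection failed: ' . mysqli_connect_error());
    http_response_code(500);
    exit('Service temporarily unavailable.');
}

// variable declaration
$username = "";
$email = "";
$errors = array();

// call the register() function if register_btn is clicked
if (isset($_POST['register_btn'])) {
    register();
}

// call the login() function if login_btn is clicked
if (isset($_POST['login_btn'])) {
    login();
}

if (isset($_GET['logout'])) {
    // Empty the session data before destroying the session, and stop afterwards:
    // a Location header does not end the script, so the rest of the page would
    // otherwise still run for a visitor who has just logged out.
    $_SESSION = array();
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_destroy();
    }
    header("location: login.php");
    exit;
}

// call the book() function when the booking form (pickup_date field) is submitted
if (isset($_POST['pickup_date'])) {
    book();
}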
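/**
 * Register a user from the submitted registration form.
 *
 * Reads the form fields from $_POST, appends one message to the global $errors
 * list per failed check, and inserts a row into `users` when the list is empty.
 * On success it sets $_SESSION['success'], sends a Location header and exits.
 *
 * The account type is taken from the form only when the current session belongs
 * to an admin; otherwise the new account is always a plain 'user', so a visitor
 * cannot grant themselves the admin type by adding a user_type field.
 * NOTE(review): assumes the user_type field is only meant for an admin-side
 * "create user" form - confirm against the forms that post to this function.
 *
 * NOTE(review): the password is stored exactly as submitted, because login()
 * compares the stored column with the submitted value. Storing
 * password_hash($password, PASSWORD_DEFAULT) instead requires login() to check
 * it with password_verify() and a column wide enough for the hash, so the two
 * must be changed together.
 */
function register(){
    global $db, $errors;

    // receive all input values from the form; a missing or non-string field
    // counts as empty. Values are bound as statement parameters below, so they
    // are trimmed here but not SQL-escaped.
    $names = array(
        'firstname', 'surname', 'address', 'home_postcode', 'age',
        'email', 'username', 'password_1', 'password_2',
    );
    $input = array();
    foreach ($names as $name) {
        $input[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? trim($_POST[$name]) : '';
    }

    // form validation: ensure that the form is correctly filled
    $required = array(
        'firstname'     => "first name is required",
        'surname'       => "surname is required",
        'address'       => "address is required",
        'home_postcode' => "home postcode is required",
        'age'           => "age is required",
        'email'         => "Email is required",
        'username'      => "Username is required",
        'password_1'    => "Password is required",
    );
    foreach ($required as $name => $message) {
        if (empty($input[$name])) {
            array_push($errors, $message);
        }
    }
    // Strict comparison: with != two different numeric-looking strings such as
    // "1e3" and "1000" compare as equal.
    if ($input['password_1'] !== $input['password_2']) {
        array_push($errors, "The two passwords do not match");
    }

    if (count($errors) > 0) {
        return;
    }

    // Decide the account type on the server side.
    $created_by_admin = isset($_POST['user_type']) && isAdmin();
    $user_type = 'user';
    if ($created_by_admin && is_string($_POST['user_type']) && trim($_POST['user_type']) !== '') {
        $user_type = trim($_POST['user_type']);
    }

    $firstname = $input['firstname'];
    $surname = $input['surname'];
    $address = $input['address'];
    $home_postcode = $input['home_postcode'];
    $age = $input['age'];
    $email = $input['email'];
    $username = $input['username'];
    $password = $input['password_1'];

    $stmt = mysqli_prepare($db, "INSERT INTO users (firstname, surname, address, home_postcode, age, email, username, user_type, password)
        VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?)");
    $inserted = false;
    if ($stmt) {
        mysqli_stmt_bind_param(
            $stmt,
            'sssssssss',
            $firstname,
            $surname,
            $address,
            $home_postcode,
            $age,
            $email,
            $username,
            $user_type,
            $password
        );
        $inserted = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }
    if (!$inserted) {
        // Driver detail goes to the server log only.
        error_log('register(): insert failed: ' . mysqli_error($db));
        array_push($errors, "Registration failed, please try again");
        return;
    }

    if ($created_by_admin) {
        $_SESSION['success'] = "New user successfully created.";
        header('location: home.php');
        exit;
    }

    // get id of the created user and log them in
    $logged_in_user_id = mysqli_insert_id($db);
    $new_user = getUserById($logged_in_user_id);
    if (is_array($new_user)) {
        // The session does not need a copy of the password column.
        unset($new_user['password']);
    }
    if (session_status() === PHP_SESSION_ACTIVE) {
        // New session id at the privilege change, so an id known before
        // registration is not carried into the logged-in session.
        session_regenerate_id(true);
    }
    $_SESSION['user'] = $new_user; // put logged in user in session
    $_SESSION['success'] = "You are now logged in";
    header('location: index.php');
    exit;
}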
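/**
 * Book a car for the logged-in user from the submitted booking form.
 *
 * Reads the booking fields from $_POST, appends a message to the global $errors
 * list for each missing field, and inserts a row into `booking_details` when
 * the list is empty. Prints 'hello' when the insert succeeds.
 *
 * The user id stored with the booking comes from $_SESSION['user'], which the
 * server filled at login, never from a request field: a value sent by the
 * browser could name any other user.
 */
function book() {
    global $db, $errors;

    // The original referenced an undefined $id here. 'user_id' is the id column
    // that getUserById() filters on in this file.
    if (!isset($_SESSION['user']) || !is_array($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) {
        array_push($errors, "You must be logged in to book a car");
        return;
    }
    $user_id = (int) $_SESSION['user']['user_id'];

    // receive all input values from the form; a missing or non-string field
    // counts as empty. Values are bound as statement parameters below, so they
    // are trimmed here but not SQL-escaped.
    $names = array(
        'car_chosen', 'pickup_date', 'pickup_time',
        'return_date', 'return_time', 'collection_postcode',
    );
    $input = array();
    foreach ($names as $name) {
        $input[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? trim($_POST[$name]) : '';
    }

    // form validation: ensure that the form is correctly filled
    $required = array(
        'pickup_date'         => "pickup date is required",
        'pickup_time'         => "pickup time is required",
        'return_date'         => "return date is required",
        'return_time'         => "return time is required",
        'collection_postcode' => "collection postcode is required",
    );
    foreach ($required as $name => $message) {
        if (empty($input[$name])) {
            array_push($errors, $message);
        }
    }

    // The original also built "SELECT * FROM cars WHERE car_ID = <car_chosen>"
    // here but never executed it; it is dropped because it placed the form value
    // unquoted into SQL text, where escaping gives no protection.
    // NOTE(review): car_chosen is stored as submitted and is not checked against
    // the cars table - confirm whether the form sends the car's id.

    // book car if there are no errors in the form
    if (count($errors) > 0) {
        return;
    }

    $car_chosen = $input['car_chosen'];
    $pickup_date = $input['pickup_date'];
    $pickup_time = $input['pickup_time'];
    $return_date = $input['return_date'];
    $return_time = $input['return_time'];
    $collection_postcode = $input['collection_postcode'];

    $stmt = mysqli_prepare($db, "INSERT INTO booking_details (pickup_date, pickup_time, return_date, return_time, total_cost, collection_postcode, car_fk, user_fk)
        VALUES(?, ?, ?, ?, '1000', ?, ?, ?)");
    $saved = false;
    if ($stmt) {
        mysqli_stmt_bind_param(
            $stmt,
            'ssssssi',
            $pickup_date,
            $pickup_time,
            $return_date,
            $return_time,
            $collection_postcode,
            $car_chosen,
            $user_id
        );
        $saved = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    if ($saved) {
        echo 'hello';
    } else {
        // The SQL text and the driver's error message describe the schema, so
        // they go to the server log instead of the response body.
        error_log('book(): insert failed: ' . mysqli_error($db));
        array_push($errors, "Booking could not be saved, please try again");
    }
}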
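/**
 * Return the `users` row whose user_id equals $id.
 *
 * @param int|string $id user id; anything that is not a whole number is rejected
 * @return array|null associative row, or null when the id is invalid, the query
 *                    fails or no row matches
 */
function getUserById($id){
    global $db;
    // The id is placed unquoted into the SQL text, where string escaping gives
    // no protection, so only a validated integer is allowed through.
    $user_id = filter_var($id, FILTER_VALIDATE_INT);
    if ($user_id === false) {
        return null;
    }
    $result = mysqli_query($db, "SELECT * FROM users WHERE user_id=" . $user_id);
    if (!$result) {
        return null;
    }
    $user = mysqli_fetch_assoc($result);
    mysqli_free_result($result);
    return $user ? $user : null;
}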
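/**
 * Log a user in from the submitted login form.
 *
 * Reads username and password from $_POST, appends a message to the global
 * $errors list for each failed check, and on success stores the user's row in
 * $_SESSION['user'], sends a Location header (home.php for the 'admin' type,
 * index.php otherwise) and exits.
 *
 * The row is looked up by username with a bound parameter and the password is
 * compared in PHP. The original compared it inside the SQL statement, where the
 * column's collation decides the result and letter case may be ignored.
 * A stored value that is a password_hash() hash is checked with
 * password_verify(); any other stored value is treated as the plain password
 * that register() writes in this file.
 *
 * NOTE(review): no limit on repeated failed attempts is visible in this listing.
 */
function login(){
    global $db, $username, $errors;

    // grab form values; a missing or non-string field counts as empty
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? trim($_POST['username']) : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';

    // make sure form is filled properly
    if (empty($username)) {
        array_push($errors, "Username is required");
    }
    if (empty($password)) {
        array_push($errors, "Password is required");
    }

    // attempt login if no errors on form
    if (count($errors) > 0) {
        return;
    }

    $stmt = mysqli_prepare($db, "SELECT * FROM users WHERE username = ?");
    if (!$stmt) {
        error_log('login(): lookup failed: ' . mysqli_error($db));
        array_push($errors, "Login failed, please try again");
        return;
    }
    mysqli_stmt_bind_param($stmt, 's', $username);
    mysqli_stmt_execute($stmt);
    $results = mysqli_stmt_get_result($stmt);

    $matches = array();
    while ($results && ($row = mysqli_fetch_assoc($results))) {
        $stored = (string) $row['password'];
        $info = password_get_info($stored);
        if ($info['algoName'] !== 'unknown') {
            // A stored hash is only ever verified, never compared as text, so
            // the hash string itself cannot be submitted as the password.
            $ok = password_verify($password, $stored);
        } else {
            $ok = hash_equals($stored, $password);
        }
        if ($ok) {
            $matches[] = $row;
        }
    }
    mysqli_stmt_close($stmt);

    // As before, exactly one matching account is required.
    if (count($matches) !== 1) {
        array_push($errors, "Wrong username/password combination");
        return;
    }

    $logged_in_user = $matches[0];
    // The session does not need a copy of the password column.
    unset($logged_in_user['password']);

    if (session_status() === PHP_SESSION_ACTIVE) {
        // New session id at login, so an id known before authentication is not
        // carried into the logged-in session.
        session_regenerate_id(true);
    }
    $_SESSION['user'] = $logged_in_user;
    $_SESSION['success'] = "You are now logged in";

    // check if user is admin or user
    if ($logged_in_user['user_type'] === 'admin') {
        header('location: home.php');
    } else {
        header('location: index.php');
    }
    exit;
}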
/**
 * Tell whether the current session holds a logged-in user.
 *
 * @return bool true when $_SESSION['user'] is set and not null
 */
function isLoggedIn()
{
    return isset($_SESSION['user']);
}
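/**
 * Tell whether the current session belongs to a user of type 'admin'.
 *
 * The comparison is strict: with ==, PHP versions before 8 treat the integer 0
 * as equal to 'admin'. A session entry that is not an array, or that has no
 * user_type key, counts as "not admin" instead of raising an error.
 *
 * @return bool
 */
function isAdmin()
{
    if (!isset($_SESSION['user']) || !is_array($_SESSION['user'])) {
        return false;
    }
    return isset($_SESSION['user']['user_type'])
        && $_SESSION['user']['user_type'] === 'admin';
}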
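/**
 * Trim a form value and escape it for use inside a quoted SQL string literal.
 *
 * The result is only safe between quotes ('...'): placed unquoted into SQL text,
 * for example as a number, an escaped value can still change the statement.
 * The escaping also follows the connection's character set.
 * NOTE(review): no mysqli_set_charset() call is visible in this listing - confirm
 * the connection charset matches the data.
 *
 * @param mixed $val form value; arrays, objects and null yield an empty string
 *                   (a field sent as name[] arrives as an array, which trim()
 *                   cannot handle)
 * @return string
 */
function e($val){
    global $db;
    if (!is_scalar($val)) {
        return '';
    }
    return mysqli_real_escape_string($db, trim((string) $val));
}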
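/**
 * Print the messages collected in the global $errors list inside a
 * <div class="error"> block; prints nothing when the list is empty.
 *
 * Each message is HTML-escaped on output, so a message that ever carries
 * request data or a database error string is shown as text, not as markup.
 */
function display_error() {
    global $errors;
    if (count($errors) > 0){
        echo '<div class="error">';
        foreach ($errors as $error){
            echo htmlspecialchars((string) $error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') .'<br>';
        }
        echo '</div>';
    }
}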
// Answer snippet: as in login(), fetch the matching row and keep it in the session.
// $results is the query result produced earlier in login(); it is not defined here.
$logged_in_user = mysqli_fetch_assoc($results);
$_SESSION['user'] = $logged_in_user;
// Answer snippet: read the id back from the row stored in the session.
// 'name_of_id_column' is a placeholder for the table's id column; the
// getUserById() query in this listing filters on user_id.
// Taking the id from the session rather than from a form or URL field keeps it
// under the server's control.
$loggedInUserId = $_SESSION['user']['name_of_id_column'];
// Answer snippet (alternative form of the same lookup).
// NOTE(review): 'id' is presumably the answerer's guess at the column name -
// confirm against the users table.
$user = $_SESSION['user'];
$loggeduserid = $user['id'];