登录php后显示用户数据

时间:2017-08-28 12:09:48

标签: php sql

当某人登录时,只有他能看到他的个人资料。我怎样才能在PHP中向他展示他的数据?

<?php
    include_once("connection.php");
    if($_SESSION['id'])
    {
        $_SESSION = ['id'];
        $result = mysqli_query($connection, "select * from `student` where 
        `id` = $_SESSION[id]");
        $show=mysqli_fetch_assoc($result);
        if($show)
        {
            echo "welcome [username]";
        }
    }
?>

4 个答案:

答案 0 :(得分:0)

使用此代码。

if($_SESSION['id'])
{
$SESSION = $_SESSION['id'];
$result = mysqli_query($connection, "select * from `student` where 
`id` = '$SESSION'");
$show=mysqli_fetch_assoc($result);
echo "welcome $show['username']";
}

最好在登录时将用户名设置为会话变量,就像设置用户ID一样。然后您将不需要从db获取值。你可以只显示会话中的名字。

$_session['username']

答案 1 :(得分:0)

are us setting the session data at some place if yes then get the session 
data with the keys you have saved in session such as:

echo $_SESSION['username'];
echo $_SESSION['email'];
echo $_SESSION['gender'];

if you did not set the data at any place first set it in session super 
global and then  get it Example:

 //set user data in session variable.
//get data from database or any other data source
// set in session

$ _ SESSION [&#39;用户名&#39;] = $ data [&#39;用户名&#39;];

答案 2 :(得分:0)

CREATE GLOBAL TEMPORARY TABLE my_temp_table (
  id           NUMBER
)
ON COMMIT DELETE ROWS;

-- multiple INSERT INTO

select * from temp where temp_id in (SELECT id FROM my_temp_table);
COMMIT;

答案 3 :(得分:0)

您需要删除此行:

$_SESSION = ['id'];

这样做,您将$_SESSION变量覆盖为包含一个字符串的数组:'id'

首先,您需要在用户登录时用用户数据填充$_SESSION变量。在您的登录页面中,您应该具有这样的内容:

if (... some condition that checks if the login and password are ok) {
  $_SESSION['id'] = $userFromYourDatabase['id'];
  $_SESSION['other_data'] = $userFromYourDatabase['other_field'];
}

然后在您要显示用户数据的页面中:

<?php
    include_once("connection.php");
    if($_SESSION['id'])
    {
        $result = mysqli_query($connection, "select * from `student` where 
        `id` = {$_SESSION['id']}"); // Use curly braces to access array members inside strings
        $show = mysqli_fetch_assoc($result); // now $show is an array that holds the user data
        if($show)
        {
            echo "welcome {$show['username']}";
        }
    }
?>

那是用最基本的解决方案来回答这个问题。 但是在SQL查询字符串中使用变量时要非常小心。这是一个$_SESSION变量,唯一的风险是如果您在这些变量中手动放置了错误的代码(似乎很可能这样做)。或者,如果您从用户输入中设置了$_SESSION['id'](如果您进行了$_SESSION['id'] = $_POST['something'],那么在任何情况下都非常糟糕)。因此,以防万一,作为一种好的做法,请考虑使用准备好的语句,如此处说明的:https://www.w3schools.com/php/php_mysql_prepared_statements.asp

相关问题
最新问题