olaskee olaskee - 1 month ago 11
PHP Question

Trouble Displaying Login user First and Avatar PHP

Hello guy's have read couple of post and search google for answer but not luck.

Basically everything is going fine at the moment with my project. I wanted to display firstname, lastname and avatar for logged in user. here is the what am trying to archive without, http://prntscr.com/cs4xhx is in html at present.

here is what have added already in my header.php

<?php if(isset($_SESSION['user_type'])){ ?>
<a href class="dropdown-toggle" data-toggle="dropdown">
<img src="<?php echo $_SESSION['avatar']; ?>" alt="" class="img-circle size-30x30">
<span><?php echo $_SESSION['firstname'];?> <i class="fa fa-angle-down"></i></span>
</a>
<?php //} ?>


And here is what i have in my profile.php

<?php
//error_reporting(E_ALL); ini_set('display_errors', 1);

session_start();

if(!isset($_SESSION['user_type'])){
header('Location: index.php');
}

// include file
require_once('include/connection.php');

// page title
$title = "Welcome to your Profile";

// define user session
$userId = $_SESSION['user_id'];
$userName = $_SESSION['user_name'];
$firstname = $_SESSION['firstname'];
$lastname = $_SESSION['lastname'];


//include header layout
require_once('include/header.php');
?>
<?php
if($_SESSION['user_type'] == 'admin' || $_SESSION['user_type'] == 'leader'){

// include admin header layout
require_once('include/admin-header.php');

}elseif($_SESSION['user_type'] == 'member'){

// include member header layout
include_once('include/member-header.php');

}else{

session_destroy();
header('Location: index.php');
}
?>
<!-- check if user id is found, if not throw error ---->
<?php
$firstname = trim($_POST['firstname']);
$lastname = trim($_POST['lastname']);
$email = trim($_POST['email']);
$user_name = trim($_POST['user_name']);
$profession = trim($_POST['profession']);
$phone = trim($_POST['phone']);
$address = trim($_POST['address']);
$bio = trim($_POST['bio']);
$dob = trim($_POST['dob']);
$gender = trim($_POST['gender']);
$country = trim($_POST['country']);

$stmt = $con->prepare("SELECT firstname, lastname, user_name, avatar, profession, email, dob, gender, country, phone, bio, address, created_at FROM user WHERE id = ?");
$stmt->bind_param('s', $userId);
$stmt->execute();
$stmt->store_result();
if($stmt->num_rows == 0) {
echo 'No Data Found for this user';
}else {
$stmt->bind_result($firstname, $lastname, $user_name, $avatar, $profession, $email, $dob, $gender, $country, $phone, $bio, $address, $created_at);
$stmt->fetch();

//echo $stmt->num_rows


// $getUserQuery = "select * from user where id = $userId";
// $resultData = mysqli_query($con, $getUserQuery);
// if(!mysqli_num_rows($resultData)){
// echo 'No Data Found for this user';
// }else{
// $row = mysqli_fetch_array($resultData);
?>

<!-- self post back url -->
<?php
$url = 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
?>

<table>

<tr>
<td>
<center>
<img src="userfiles/avatars/<?php echo $avatar ;?>" width="150" height="150">
</center>

</td>
</tr>
<tr>
<td><label><strong>First Name</strong></label></td>
<td></td>
<td><label><?php echo $firstname; ?> </td>
</tr>
<tr>
<td><label><strong>Last Name</strong></label></td>
<td></td>
<td><label><?php echo $lastname;?> </td>
</tr>
<tr>
<td><label><strong>User Name</strong></label></td>
<td></td>
<td><label><?php echo $user_name;?> </td>
</tr>
<tr>
<td><label><strong>Profession</strong></label></td>
<td></td>
<td><label><?php echo $profession;?> </td>
</tr>
<tr>
<tr>
<td><label><strong>Phone</strong></label></td>
<td></td>
<td><label><?php echo $phone;?> </td>
</tr>
<tr>
<td><label><strong>Gender</strong></label></td>
<td></td>
<td><label><?php echo $gender;?> </td>
</tr>
<tr>
<td><label><strong>Date Of Birth</strong></label></td>
<td></td>
<td><label><?php echo $dob;?> </td>
</tr>
<tr>
<td><label><strong>Email</strong></label></td>
<td></td>
<td><label><?php echo $email;?> </td>
</tr>
<tr>
<td><label><strong>Country</strong></label></td>
<td></td>
<td><label><?php echo $country;?> </td>
</tr>
<tr>
<td><label><strong>Address</strong></label></td>
<td></td>
<td><label><?php echo $address;?> </td>
</tr>
<tr>
<td><label><strong>Biography</strong></label></td>
<td></td>
<td><label><?php echo $bio;?> </td>
</tr>
<tr>
<td><label><strong>Join Date</strong></label></td>
<td></td>
<td><label><?php echo $created_at;?> </td>
</tr>

</table>

<?php

}

$mysqli->close();
?>

<?php

// include footer layout
require_once('include/footer.php');
?>


funny enough in the header.php when replace the
<?php echo $_SESSION['firstname'];?>
with
<?php echo $_SESSION['user_name'];?>
. it works but when i try to display name and avatar it doesn't, am sure have define session variable or ?.

i hope some can share a light here. Thanks in advance.

UPDATE To identify where and how i set my session
header.php



<script type="text/javascript" src="include/plugins/ckeditor/ckeditor.js"></script>
<link rel="stylesheet" href="//code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css">
<script src="//code.jquery.com/ui/1.11.4/jquery-ui.js"></script>
<body>

<?php if(isset($_SESSION['user_type'])){ ?>
<div class="logout-link">
<p><?php echo $_SESSION['firstname'];?></p>
<p><a href="include/logout.php">Logout</a></p>
</div>
<?php } ?>

<?php if(isset($_SESSION['main_notice'])) { ?>
<div class="main-notice">
<p>
<?php
echo $_SESSION['main_notice'];
unset($_SESSION['main_notice']);
?>
</p>
</div>
<?php } ?>

<ul class="menu">
<li><a href="admin-dashboard-home.php">Home</a></li>
<li><a href="profile.php">Profile</a></li>
<li><a href="edit-profile.php">Edit Profile</a></li>
<li><a href="admin-post-task.php">Post Task</a></li>
<li><a href='user-profile.php'>Users Profile</a></li>
<!-- <li><a href="reset.php">Reset Password</a></li> -->

</ul>


And here is my index.php


//error_reporting(E_ALL); ini_set('display_errors', 1);

// session start
session_start();
// check if user already login
if(isset($_SESSION['user_type']) && isset($_SESSION['user_id']))
{
header('Location: profile.php');
}
// include database connection
require_once('include/connection.php');

if(isset($_POST['submit'])){
// Set session variables
$_SESSION["firstname"] = $firstname;
$_SESSION["lastname"] = $lastname;
// trim form field
$user_name = trim($_POST['user_name']);
$password = $_POST['password'];
// $email = trim($_POST['email'], ENT_QUOTES, 'UTF-8');



// form input validation
if (empty($user_name)){
$error[] = 'Field empty, please enter your username';
}

// password validation
if (empty($password)){
$error[] = 'Field empty, please create a password';
}


//if no errors have been created carry on
if(!isset($error)){


//$loginQuery = "select * from user where user_name = '$name' AND password = '$password' AND user_type = '$user_type'";
// $loginQuery = "select * from user where user_name = '$user_name' OR email = '$email'";

$stmt = $con->prepare("SELECT id, user_name, password, user_type FROM user WHERE user_name = ? ");
$stmt->bind_param('s', $user_name);
$stmt->execute();
$stmt->store_result();
if($stmt->num_rows){
// username exists
$stmt->bind_result($id, $username, $dbPassword, $userType);
$stmt->fetch();

if (password_verify($password, $dbPassword)) {

$_SESSION['user_id'] = $id;
$_SESSION['user_name'] = strtoupper($username);
$user_type = strtolower($userType);
if(strtolower($user_type) == 'member'){

$_SESSION['user_type'] = 'member';
//header('Location: member-dashboard-home.php');
header('Location: profile.php');
exit();

}elseif(strtolower($user_type) == 'admin' || strtolower($user_type) == 'leader'){

$_SESSION['user_type'] = strtolower($user_type);
//header('Location: admin-dashboard-home.php');
header('Location: profile.php');
}


}else{
$_SESSION['main_notice'] = "Invalid login details!";
header('Location: '.$_SERVER['PHP_SELF']);
exit();
}
}else{
// username doesn't exist
$_SESSION['main_notice'] = "Invalid username OR password details, please try again!";
header('Location: '.$_SERVER['PHP_SELF']);
exit();
}
//$mysqli->close();

}
}
// page title function
$title = 'Task Master | The Whittington Center | Log-in Page';

// include header
include_once('include/header.php');
?>


Also have also set my profile.php code like this. The profile page is where i want to echo user loggin firstname.


session_start();

if(!isset($_SESSION['user_type'])){
header('Location: index.php');
}

// include file
require_once('include/connection.php');

// page title
$title = "Welcome to your Profile";

// define user session
$userId = $_SESSION['user_id'];
$userName = $_SESSION['user_name'];
//$_SESSION['firstname'] = $firstname;
// Set session variables
$_SESSION["firstname"] = $firstname;
$_SESSION["lastname"] = $lastname;


//include header layout
require_once('include/header.php');
?>
<?php
if($_SESSION['user_type'] == 'admin' || $_SESSION['user_type'] == 'leader'){

// include admin header layout
require_once('include/admin-header.php');

}elseif($_SESSION['user_type'] == 'member'){

// include member header layout
include_once('include/member-header.php');

}else{

session_destroy();
header('Location: index.php');
}
?>
<!-- check if user id is found, if not throw error ---->
<?php
$firstname = trim($_POST['firstname']);
$lastname = trim($_POST['lastname']);
$email = trim($_POST['email']);
$user_name = trim($_POST['user_name']);
$profession = trim($_POST['profession']);
$phone = trim($_POST['phone']);
$address = trim($_POST['address']);
$bio = trim($_POST['bio']);
$dob = trim($_POST['dob']);
$gender = trim($_POST['gender']);
$country = trim($_POST['country']);

$stmt = $con->prepare("SELECT firstname, lastname, user_name, avatar, profession, email, dob, gender, country, phone, bio, address, created_at FROM user WHERE id = ?");
$stmt->bind_param('s', $userId);
$stmt->execute();
$stmt->store_result();
if($stmt->num_rows == 0) {
echo 'No Data Found for this user';
}else {
$stmt->bind_result($firstname, $lastname, $user_name, $avatar, $profession, $email, $dob, $gender, $country, $phone, $bio, $address, $created_at);
$stmt->fetch();

//echo $stmt->num_rows


// $getUserQuery = "select * from user where id = $userId";
// $resultData = mysqli_query($con, $getUserQuery);
// if(!mysqli_num_rows($resultData)){
// echo 'No Data Found for this user';
// }else{
// $row = mysqli_fetch_array($resultData);
?>

Answer

See the following lines on index.php page,

$_SESSION["firstname"] = $firstname;
$_SESSION["lastname"] = $lastname;

There's nowhere you have declared $firstname and $lastname in your code, you just magically used them. So remove these two lines, they are useless.

Now comes to your issue. Look at the following statement,

$stmt = $con->prepare("SELECT id, user_name, password, user_type FROM user ...

Neither you have selected firstname, lastname in your SELECT query, nor you have bounded appropriate variables in ->bind_result() method. So your code should be like this:

// your code

$stmt = $con->prepare("SELECT id, user_name, firstname, lastname, password, user_type FROM user WHERE user_name = ? ");
$stmt->bind_param('s', $user_name);
$stmt->execute();
$stmt->store_result();
if($stmt->num_rows){
    // username exists
    $stmt->bind_result($id, $username, $firstname, $lastname, $dbPassword, $userType);
    $stmt->fetch();
    if (password_verify($password, $dbPassword)) {

        $_SESSION['user_id'] = $id;
        $_SESSION['user_name'] = strtoupper($username);
        $_SESSION["firstname"] = $firstname;
        $_SESSION["lastname"] = $lastname;
        $user_type = strtolower($userType);
        if(strtolower($user_type) == 'member'){
            $_SESSION['user_type'] = 'member';  
            //header('Location: member-dashboard-home.php');
            header('Location: profile.php');
            exit();
        }elseif(strtolower($user_type) == 'admin' || strtolower($user_type) == 'leader'){
            $_SESSION['user_type'] = strtolower($user_type);                                        
            //header('Location: admin-dashboard-home.php');
            header('Location: profile.php');
            exit();
        }
    }else{
            $_SESSION['main_notice'] = "Invalid login details!";
            header('Location: '.$_SERVER['PHP_SELF']);
            exit();
    }
}else{
    // username doesn't exist
    $_SESSION['main_notice'] = "Invalid username OR password details, please try again!";
    header('Location: '.$_SERVER['PHP_SELF']);
    exit();
}

// your code

Note: To debug these issues, always add these two error reporting lines at the very top of your PHP scripts.

ini_set('display_errors', 1);
error_reporting(E_ALL);
Comments