Creating user areas

I’m sure this question has been asked before but I have used the search feature and cannot find an answer. Maybe because i’m not quite sure what I should be looking for so please bear with me.

Basically, I have set up a simple user login/registration system, which gives users access to index.php, where it displays their own account data when they are logged in. So this page allows them to update their profile and upload images etc.

But now, I want each user to have a publicly viewable profile where this data is displayed on a directory such as http:www.mysite.com/user/username/index.php. And now i’m unsure how to do this. The main thing I am struggling with is how this can be done dynamically when the user registers.

I hope that makes sense.
Please help

I would guess your problem is that your actually using directories to create URL structure. Normally, you would using the mod_rewrite module of Apache to ‘imply’ that there is a directory there, but in fact here isn’t.

http://www.example.com/user/anthony/index.php

would become similar to…

http://www.example.com/index.php?module=user&username=anthony

the user module would require no special permissions to view it, thereby negating the need to be authenticated.

In that example, would

http://www.example.com/user/anthony/index.php

exist as an actual directory?

Nope. :slight_smile:

Ok so mod_rewrite can help give me nice looking static URLs? but i’m still a bit confused about how the dynamic URL is created when a user registers? or am I missing your point?

No no, we haven’t got that bit yet. :wink:

Say for example you stored your user details in a database, in your index.php you’d have…


<?php
$modules = array(
    #module name    #module file
    'user'      => 'viewuser.php',
    'account'   => 'account.php'
);

if(true === array_key_exists($_GET['module'], $modules)){
    #include the modules .php file
    include $modules[$_GET['module']];
}else{
    #invalid or missing module, send page not found
    header("HTTP/1.1 404 Not Found");
    exit;
}
?>

Given the url index.php?module=user&username=anthony

…file viewuser.php would be included, which would perfrom the following…


<?php
$username = $_GET['user']
#query database and get users details
#if valid, display them otherwise no such user
?>

Following my incoherent ramblings still?

:smiley:

I’m trying to understand. I think my code is quite different and i’m not sure how what you are showing me would integrate with the way I am currently doing things? Am I doing it wrong?

I was using this tutorial: http://net.tutsplus.com/tutorials/php/user-membership-with-php


   1. <?php include "base.php"; ?>  
   2. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">  
   3. <html xmlns="http://www.w3.org/1999/xhtml">    
   4. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />    
   5.   
   6. <title>User Management System (Tom Cameron for NetTuts)</title>  
   7. <link rel="stylesheet" href="style.css" type="text/css" />  
   8. </head>    
   9. <body>    
  10. <div id="main">  
  11. <?php  
  12. if(!empty($_POST['username']) && !empty($_POST['password']))  
  13. {  
  14.     $username = mysql_real_escape_string($_POST['username']);  
  15.     $password = md5(mysql_real_escape_string($_POST['password']));  
  16.     $email = mysql_real_escape_string($_POST['email']);  
  17.       
  18.      $checkusername = mysql_query("SELECT * FROM users WHERE Username = '".$username."'");  
  19.        
  20.      if(mysql_num_rows($checkusername) == 1)  
  21.      {  
  22.         echo "<h1>Error</h1>";  
  23.         echo "<p>Sorry, that username is taken. Please go back and try again.</p>";  
  24.      }  
  25.      else  
  26.      {  
  27.         $registerquery = mysql_query("INSERT INTO users (Username, Password, EmailAddress) VALUES('".$username."', '".$password."', '".$email."')");  
  28.         if($registerquery)  
  29.         {  
  30.             echo "<h1>Success</h1>";  
  31.             echo "<p>Your account was successfully created. Please <a href=\\"index.php\\">click here to login</a>.</p>";  
  32.         }  
  33.         else  
  34.         {  
  35.             echo "<h1>Error</h1>";  
  36.             echo "<p>Sorry, your registration failed. Please go back and try again.</p>";      
  37.         }         
  38.      }  
  39. }  
  40. else  
  41. {  
  42.     ?>  
  43.       
  44.    <h1>Register</h1>  
  45.       
  46.    <p>Please enter your details below to register.</p>  
  47.       
  48.     <form method="post" action="register.php" name="registerform" id="registerform">  
  49.     <fieldset>  
  50.         <label for="username">Username:</label><input type="text" name="username" id="username" /><br />  
  51.         <label for="password">Password:</label><input type="password" name="password" id="password" /><br />  
  52.         <label for="email">Email Address:</label><input type="text" name="email" id="email" /><br />  
  53.         <input type="submit" name="register" id="register" value="Register" />  
  54.     </fieldset>  
  55.     </form>  
  56.       
  57.     <?php  
  58. }  
  59. ?>  
  60.   
  61. </div>  
  62. </body>  
  63. </html>  

If you want to create the urls you stated in your original post, you either have to use mod_rewrite or upon registration, have your script actually create that physical directory structure, which isn’t advisable.

If you are willing to change your url, you could have a separate script to display the user profile to unauthenticated visitors however.

view-user.php?username=anthony

You’re going to need to decide on how you wish to proceed I’m afraid.

Am i right in thinking if I have a view-user.php page and then redirect www.example.com/user/anthony/ to www.example.com/view-user.php?username=anthony it should work. And then I use mod_rewrite to rewrite the url?

Before enabling the mod_rewrite the url will be looking like

http://www.example.com/index.php?module=user&username=anthony

What you need is a page like www.example.com/user/anthony/

So what he was trying to tell you is to enable the mod_rewrite module of apache . You may want to uncomment it , depending upon the OS ( Googling will get a lot of solutions for the OS you are using ).

You may want to create a .htaccess file in the public folder .

The module=user is a user.php page which may be stored in the module folder or something . You can copy the contents from your file that are needed to printed to user.php after he logs in.

The index.php will be the one which prints the contents of the module files . You should change your index.php file which is shown now to something like

  include_once('header.php');
 // somefunction that fetch the module and prints . Need to confirm whether the module exists , permissions etc here .
 include_once('footer.php'); 

I think you may need to look more inorder to know how it works . These techniques are very much useful in security also. You may need to look more … :slight_smile: