Display username on webpage after login

djboziah · June 10, 2020, 11:37pm

I have created a successful registration and login using php and my sql. I want to add code to display username on top of my page when user successfully logs in, but i am not sure the code to add and where to add it in my existing code. Here is my php code.

<?php 
	session_start();

	// variable declaration
	$username = "";
	$email    = "";
	$errors = array(); 
	$_SESSION['success'] = "";

	// connect to database
	$db = mysqli_connect('localhost', 'xxxxxx', 'xxxxxx', 'xxxxxx');

	// REGISTER USER
	if (isset($_POST['reg_user'])) {
		// receive all input values from the form
		$username = mysqli_real_escape_string($db, $_POST['username']);
		$email = mysqli_real_escape_string($db, $_POST['email']);
		$password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
		$password_2 = mysqli_real_escape_string($db, $_POST['password_2']);

		// form validation: ensure that the form is correctly filled
		if (empty($username)) { array_push($errors, "Username is required"); }
		if (empty($email)) { array_push($errors, "Email is required"); }
		if (empty($password_1)) { array_push($errors, "Password is required"); }

		if ($password_1 != $password_2) {
			array_push($errors, "The two passwords do not match");
		}

		// register user if there are no errors in the form
		if (count($errors) == 0) {
			$password = md5($password_1);//encrypt the password before saving in the database
			$query = "INSERT INTO users (username, email, password) 
					  VALUES('$username', '$email', '$password')";
			mysqli_query($db, $query);

			$_SESSION['username'] = $username;
			$_SESSION['success'] = "You are now logged in";
			header('location:index.php');
		}

	}

	// ... 

	// LOGIN USER
	if (isset($_POST['login_user'])) {
		$username = mysqli_real_escape_string($db, $_POST['username']);
		$password = mysqli_real_escape_string($db, $_POST['password']);

		if (empty($username)) {
			array_push($errors, "Username is required");
		}
		if (empty($password)) {
			array_push($errors, "Password is required");
		}

		if (count($errors) == 0) {
			$password = md5($password);
			$query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
			$results = mysqli_query($db, $query);

			if (mysqli_num_rows($results) == 1) {
				$_SESSION['username'] = $username;
				$_SESSION['success'] = "You are now logged in";
				header('location:index.html');
			}else {
				array_push($errors, "Wrong username/password combination");
			}
		}
	}

?>

benanamen · June 11, 2020, 1:56am

You have a more pressing issues to handle first.

DO NOT use md5 for passwords. Use password_hash and password_verify
Never ever put variables in your query. Use Prepared Statements.

droopsnoot · June 11, 2020, 8:32am

As well as the above, the code you posted isn’t where you will need to display the username. Once the user successfully logs in, you redirect them to index.html, so that is where you will need to display the username. I would imagine that will need to be changed to index.php unless there is a JS way of accessing your session variable.

djboziah · June 11, 2020, 8:42am

I am new with with coding.I need to display the logged in username on my index.html page, so i need to post the code on my index.html?

droopsnoot · June 11, 2020, 10:07am

You do, but if it’s going to be PHP code, you’ll need to rename it index.php otherwise your server probably won’t parse it for PHP code.

djboziah · June 12, 2020, 9:01am

This has been solved.

system · September 11, 2020, 4:01pm

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.