Here is my Code which I need help with
I need to link user_id to user_location in second table, which I wrote out in the bottom of this question
<?php
/**
* Class UserInfo
* handles the insert information about a paricular User
*/
class UserInfo {
private $db_connection = null;
public $errors = array();
public $messages = array();
public function __construct() {
if(isset($_POST["info"])) {
$this->Insert();
}
}
/**
* Handles the Insertion of user Information into database
**/
private function Insert() {
if (empty($_POST['user_location'])) {
$this->errors[] = "Please fillout a location.";
} elseif (!empty($_POST['user_location'])) {
$this->db_connection = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (!$this->db_connection->connect_errno) {
$user_id = $_SESSION['user_name'];
$user_location = $this->db_connection->real_escape_string($_POST['user_location']);
$insert = "insert into users_info (user_location) values ('".$user_location."');";
$check_insert = $this->db_connection->query($insert);
if ($check_insert) {
$this->messages[] = "Location inserted into database successfully!";
} else {
$this->errors[] = "Location could not be inserted into database.";
}
}
}
}
}
?>
And here is my Login script
<?php
/**
* Class Login
* handles the user's login and logout process
*/
class Login {
/**
* @var object The database connection
*/
private $db_connection = null;
/**
* @var object Collection of error messages.
*/
public $errors = array();
/**
* @var Collection of success / neutral messages
*/
public $messages = array();
/**
* The function "__construct()" automatically starts whenever an object of this class is created,
* you know, when you do $login = new Login();"
*/
public function __construct() {
// create/read session
session_start();
// check the possible login actions:
// if the user tried to logout ( happens when user clicks logout button )
if (isset($_GET["logout"])) {
$this->doLogout();
}
// login via post data ( if the user just submitted a login form )
elseif (isset($_POST["login"])) {
$this->doLoginWithPostData();
}
} // end function __construct();
/**
* log in with post data
*/
private function doLoginWithPostData() {
// check login form contents
if (empty($_POST['user_name'])) {
$this->errors[] = "Username field is empty.";
} elseif (empty($_POST['user_password'])) {
$this->errors[] = "Password field was empty.";
} elseif (!empty($_POST['user_name']) && !empty($_POST['user_password'])) {
// create a database connection, using the constants from config/db.php
// which we loaded in index.php
$this->db_connection = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
// change character set to utf8 and check it
if(!$this->db_connection->set_charset("utf8")) {
$this->errors[] = $this->db_connection->error;
}
// if no connection errors (working database connection)
if (!$this->db_connection->connect_errno) {
// escape the POST stuff
$user_name = $this->db_connection->real_escape_string($_POST['user_name']);
// database query, getting all the info of the selected user ( allows via email address
// in the username field. )
$sql = "select user_name, user_email, user_password_hash
from users
where user_name = '".$user_name."' or user_email = '".$user_name."';";
$result_of_login_check = $this->db_connection->query($sql);
// if this user exists
if ($result_of_login_check->num_rows == 1) {
// get result row (as an object)
$result_row = $result_of_login_check->fetch_object();
// using PHP 5.5's password_verify() function to check if the provided password fits
// the hash of that user's password
if (password_verify($_POST['user_password'], $result_row->user_password_hash)) {
// write user data into PHP SESSION (a file on your server)
$_SESSION['user_name'] = $result_row->user_name;
$_SESSION['user_email'] = $result_row->user_email;
$_SESSION['user_login_status'] = 1;
} else {
$this->errors[] = "Wrong password. Try again.";
}
} else {
$this->errors[] = "This user does not exist.";
}
} else {
$this->errors[] = "Database connection problem.";
}
}
}
/*
* Preform the logout
*/
public function doLogout() {
// delete the session of the user
$_SESSION = array();
session_destroy();
// return a little feeback message
$this->messages[] = "You have been logged out.";
}
/**
* simply return the current state of the user's login
* @return boolean user's login status
*/
public function isUserLoggedIn() {
if (isset($_SESSION['user_login_status']) AND $_SESSION['user_login_status'] == 1) {
return true;
}
// default return
return false;
}
} // ------> Close class Login
?>
Here is my Database (mySQL)
CREATE TABLE IF NOT EXISTS users (
user_id int(11) NOT NULL AUTO_INCREMENT,
user_name varchar(64) NOT NULL,
user_password_hash varchar(255) NOT NULL,
user_email varchar(64) NOT NULL,
PRIMARY KEY (user_id),
UNIQUE KEY user_name (user_name),
UNIQUE KEY user_email (user_email)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
CREATE TABLE IF NOT EXISTS users_info (
user_id int(11) NOT NULL,
user_location varchar(255) NOT NULL,
PRIMARY KEY (user_id) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
Forign constrants = login2, users, user_id (sorry cant post image yet, need 10 reputation)
Which kind of coding is this ? You are breaking all the concepts of OOPS.
Problem with your existing code and must be resolved first -
Class UserInfo
You are creating datamembers public. It is breaking the concept of data hiding. Your datamember should be assigned values through the functions . Instead of : public $errors = array();
public $messages = array(); use: private $errors = []; PHP >=5.4
private $messages = []; PHP >=5.4
Constructors should not be used for these kind of operation.
Class Login
Again data hiding concept missing
Don't use session start in the constructor instead of this use session start in the very first line of your entry script.
Number of table column and values in insert query are equal.
For Example
INSERT INTO table_name (column1, column2, column3)
VALUES (value1, value2, value3)
So your insert query would be
$insert = "insert into users_info (user_location) values ( '".$user_location."')";
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.