Creating a php hyperlink using variables

Question

I am using a PHP code from several different files that validates a log-in then redirects the user to a success page. On the page I would like to welcome the user and then give them a link that redirects them to their personal service page.

This is the validation code

<?php
$host="host"; // Host name 
$username="admin"; // Mysql username 
$password="********"; // Mysql password 
$db_name="users"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

// Check if Remember Me is Checked
if (isset($_POST['remember'])) {
    $remember = $_POST['remember'];
    if ($remember == 'rememberme') {
        $remember = 'checked';
    }
}
if($remember='checked' && $count==1){
    setcookie("extendloginwwd", "$myusername", time()+50400);
    // Register $myusername, $mypassword and redirect to file
"http://mydomain.co.cc/php/login_success.php"
    $_SESSION['username'] = "myusername";
    $_SESSION['password'] = "mypassword";
    header("location:http://mydomain.co.cc/php/login_success.php");
}
elseif($count==1){
    // Register $myusername, $mypassword and redirect to file
"http://mydomain.co.cc/php/login_success.php"
    $_SESSION['username'] = "myusername";
    $_SESSION['password'] = "mypassword";
    header("location:http://mydomain.co.cc/php/login_success.php");
}
else {
    echo "Wrong Username or Password";
}
?>

That works fine I have no problems with it. The login_success.php file is the trouble maker.

<?php
session_start();
?>
<!Doctype HTML>
<html>
    <head>
        <title>Login Success</title>
        <link rel="stylesheet" type="text/CSS" href="http://mydomain.co.cc/common.css">
        <?php 
            $user=$username;
            $userdir="http://wolffwebdesign.co.cc/$user";
        ?>
    </head>
    <body>
        <h1>Login Successfull!</h1>
        <p>Welcome <?php echo "$user"?>! Click <?php echo "<a href=$userdir>here</a>";?> to visit your service page to see how we are doing!
    </body>
</html>

Let's say that $myusername="john". I would want the page to display something like:

Welcome John! Click here to visit your service page to see how we are doing!

Notice it says the username and also the link leads to mydomain.co.cc/ john

Instead I get something like:

Welcome ! Click here to visit you service page to see how we are doing!

Notice it does not says the username and the link leads back to my homepage.

Thank you for any help provided.

Answer 1

Yes because you put like this $username=$user and you do not initialize $user anywhere. To initializae $user you should do $user=$username but keep in mind that $username is actually the username from the mysql database.

In PHP

$variable (before = means this gets the value) = $value (after = means this is the value to be taken)

Better do $user = $_SESSION['username']

Answer 2

You should save all user data in the session ($_SESSION['user']) which holds all the data you fetched with your sql query. So username, (real)name, etc. On the welcome page you could then personalize your text with eg "Welcom "