How to display logged in user information in PHP ?
In social networking websites like Facebook, Instagram, etc, the username and profile picture of the user that has logged in gets displayed in the header of the website, and that header remains constant, irrespective of the webpage the user has opened. Such functionality can be created by using the session variables.
Session variables exist only while the user’s session is active. After the session is complete, the session variables get destroyed. These are unique for each visitor and are generally used to store user-specific information such as the username, profile picture etc, once the user logs in.
The session variables are used to display logged in user information in PHP.
Project Explanation and Code:
This is a simple registration system. The register.php page asks for the desired username, email, and password of the user, and then sends the entered data into the database, once the submit button is clicked. After this, the user is redirected to the index.php page where a welcome message and the username of the logged-in user is displayed.
The first step is to create a database, and then a table inside it. The database is named ‘registration’, and the table is named ‘users’. The ‘users’ table will contain 4 fields.
- id – primary key – auto increment
- username – varchar(100)
- email – varchar(100)
- password – varchar(100)
The ‘id’ will be the primary key, it means that it will be unique for every registered user. It will also auto-increment for every new registration. The data type for username, email and password will be varchar. The size can be adjusted as per the requirement however, 100 is sufficient.
SQL code for the table:
Explanation: The error.php file is responsible for holding the error messages of the system. Suppose the user enters the wrong username and password combination, then in such cases, the error messages will be stored in the $error variable, which will then be displayed to the user using ‘echo; function of PHP.
Explanation: The session is started using session_start() method. After that, the variables are declared and an error array is created. It will store all the error messages. The server.php page is then connected to the ‘registration’ database created earlier. After the user clicks the ‘register’ button on the register.php button, the data entered is sent to the database, and this completes a new registration. However, form validation is done before that to make sure that the user is filling the form correctly. All the fields are required and cannot be left blank.
Line 18 – 21: mysqli_real_escape_string escapes the special characters before sending the data to the database. This is essential for database security from SQL injections.
Line 25 – 27: These lines makes sure that the user is filling all the input boxes, and whether the ‘password’ and ‘confirm password’ matches. If both the password matches, then the code further runs.
Line 29 – 32: Checking whether the password matches or not.
Line 35 – 46: If the number of errors until this point is zero, the password is then ‘md5’ encrypted and the data entered is sent to the database. After the registration process is complete, the username is stored in the session variable, and the user is redirected to the index.php page, where he is asked to enter the login credentials.
Line 50 – 80: First the username and password entered in sanitized. This is essential to increase database security, as it eliminates the chances of any SQL injection. The user gets an error message if the username or the password field is left blank.
If the number of errors until this point of code is found to be 0, then a database check is run. If the username entered by the user is found to be present in the database, then the user successfully logs in. The user is then redirected to the ‘index.php’ page.
Explanation: Login page of the system. The user has to enter the username and password to successfully log in. After the login button is pressed, the login code written in the server.php page is run, which does all the backend work, like checking whether the username and password match or not.
Explanation: This page contains the HTML coding of the registration page. The ‘server.php’, and ‘errors.php’ pages are included in lines 01 and 15 respectively. This is necessary to make the backend of the registration system work. The user is asked to enter the username, email, and password to create an account. After the input fields are filled, the data entered is sent to the database table.
Line 01 – 19: The username that was stored in the session variable is now displayed back to the user. This session variable can either be destroyed using unset($_SESSION[“products”]) or session_destroy(). However, session_destroy() will destroy all the session variables at once. To destroy only the ‘username’ session variable, it will be better to unset the variable using unset($_SESSION[“products”]).
Line 34 – 42: This makes sure that this page is accessible only to those users that are logged in.
Line 45 – 50: This displays a personalized welcome message to the user once they log in.
How to run this project?
The source codes of this project can be obtained from this GitHub repository.
After downloading and unzipping the project, follow the given steps to run the program:
- Download all the files, or clone the repository into your local system.
- Create a database named ‘registration’, and a table named ‘users’. The MySQL code of the table has been provided above.
- Use XAMP or WAMP to run the system on localhost.
- Make sure that the necessary ports to run Apache and MySQL server are free. If not, then you will have to change the port numbers.
HTML is the foundation of webpages, is used for webpage development by structuring websites and web apps.You can learn HTML from the ground up by following this HTML Tutorial and HTML Examples.
PHP is a server-side scripting language designed specifically for web development. You can learn PHP from the ground up by following this PHP Tutorial and PHP Examples.
Please Login to comment...