How to retrieve specific user data during a session - user-data

I have a profile system set up on my site where users can sign up, fill in their username, password, and a short "about me" description. When viewing their profile, I can't seem to get the "about me" stuff to show up correctly. It keeps displaying ALL of the aboutme information from every user on the table instead of the current user's profile.
Here's what I have
$query = mysql_query("select aboutme from plus_signup");
while ($row = mysql_fetch_array($query)) {
echo $row['aboutme']. " ";
}
What am I doing wrong?

It seems that you request on ALL your table, without conditions.
Maybe you missed something like
$query = mysql_query("select aboutme from plus_signup where id=".$user_id);
...

Related

how to auto login after submitting sign up form in php?

i am using php mysqli coding,i create sign up form and login form both are working separately but now i want to provide login after sign up successfully.
this is my sign up code:
{
# insert data into mysql database
$sql = "INSERT INTO `users` (`id`, `username`, `password`, `phone`, `email`)
VALUES (NULL, '{$name}', '{$password}', '{$phone}', '{$email}')";
$query="SELECT * FROM users WHERE email= '$email'";
if ($mysqli->query($sql)) {
$reslt=$mysqli->query($query);
$usr=$reslt->fetch_array();
$_SESSION[user_email]=$usr['email'];
redirect_to("profile.php?email={$_SESSION['user_email']}");
} else {
echo "<p>MySQL error no {$mysqli->errno} : {$mysqli->error}</p>";
exit();
}
}
I tried this way but insertion operation is doing properly but page is refreshing and not redirecting to "profile.php" which is i mentioned in code
first of all, I would suggest that for for a login you check both email and password. Your query should look like:
$query="SELECT * FROM users WHERE email= '$email' and password = '$password'";
Next, if ($mysqli->query($sql)) { just verifies if the sql operation has succeeded. If the user and password are wrong, the sql will succeed but you will have no rows returned.
What you have to do is to verify that you have only 1 row returned by the query. In fact your code should more look like:
...
// check how many users correspond to the query
// ! the result will be an arry
$users = $reslt->fetch_array();
// if I have only one user, login is successfull
if(count($users) === 1) {
$_SESSION['user_email'] = $users[0]['email'];
} else {
// login failed
}
...

Facebook Profile Pic API - get someone's full photo

I know how to get someone's thumbnail via the Facebook API, but how do you get the person's full profile pic? What permissions are necessary to do this?
Append type=large to the query string. For example https://graph.facebook.com/100/picture?type=large
The full profile picture can not be retrieved via the user's picture connection (https://UID/picture?type=large will only return a picture of about 200x200).
To get the largest version of the profile picture stored on Facebook, you need to access the user's profile photo album. This requires user_photos permission.
The full profile picture can be retrieved by iterating over the albums, looking for the album which has the the type 'profile' and then getting its cover page:
public function getProfilePictureMaxUrl($facebook,$uid,$userAccessToken) {
$params = array('access_token' => $userAccessToken);
$r = $facebook->api('/'.$uid.'/albums',$params);
foreach ($r['data'] as $album) {
if ($album['type'] == 'profile') {
//retrieve information about this album
$r = $facebook->api('/'.$album['id'],$params);
$pid = ($r['cover_photo']);
//retrieve information about this photo
$r = $facebook->api('/'.$pid,$params);
return $r['source'];
}
}
//Profile folder not found (could be because of paging)
error_log('Failed to retrieve profile folder for uid '.$uid);
return false;
}

Facebook PHP-SDK + jQuery AJAX

Im creating a Facebook app using PHP-SDK.
In order to find a user's uid I do:
index.php file
$user_id = $facebook->getUser();
if($user_id == 0) // not logged in user
{
// do stuff to log in user and get the current user id
}
Inside index.php file I have the following jQuery code:
var get_url =
'do_stuff.php?id=' + <?php echo $user_id; ?> + '&field1=' + field1 + '&field2='+ field2;
$.get(get_url, function(data) {
alert("data: " + data);
});
do_stuff.php inserts data on my MySQL database based on field1 and field2. I want to be sure that the data inserted are really from user with $user_id. And not just somebody who did a fake request like:
http://myapp.com/do_stuff.php?id=fake_user_id&field1=...&field2=...
So, I added the $user_id = $facebook->getUser(); at do_stuff.php but instead of returning the current user id (which is visible at index.php), it returns 0 which means no user is logged in. Why is this?
How I can fix it? So I will be sure that the data inserted on my MySQL database are from a real user and not a fake one?
This is because as far as do_stuff.php is concerned, no one is logged in. You probably need to look at capturing the access token and using that in do_stuff.php.

Facebook Invite User, retrieving the data field

Hi when my application lets a user invite their friends, I would like to append a tracking tag in the data field so that when someone receives that invite, I will be able to retrieve that tracking tag.
My problem is that once I pass the tracking tag, I don't know how to retrieve it when a user clicks on an application request.
My code for the invitation is
FB.ui(
{
method: 'apprequests',
message: 'You should learn more about this awesome game.',
data: UniqTrackIDInvite //a randomly generated number
},
and on my landing page, where a new user decides to accept my app or not after clicking on the, I would like to have a way to retrieve this
getting the request ids:
if(isset($_REQUEST['request_ids']))
$reqIds = explode(',', $_REQUEST['request_ids']);
you may store them in the session to use them later
this is the api call:
public function getInvitationData($reqId){
return $facebook->api('/'.$reqId, 'GET', array('access_token'=>$accessToken));
}
as the user may be invited by more than one user, he can hav several invites, so make a loop. also use a try/catch block, as a request id, which is already deleted, will throw an exception
foreach($reqIds as $reqId) {
try{
$invite = $application->facebook->getInvitationData($reqId);
$data = explode('.', $invite['data']);
if(sizeof($data) >= 3) list($in, $from, $code)=$data;
// tadaaa
echo $code;
}
}

Joomla JUser getinstance Questions

I am attempting to make an authentication plugin. JUser::getInstance() takes one input, and it is supposed to be the id. Is there any way to get an instance of a User using some other indentifier? such as username, email etc.
Probably there isnt any such method. But yes if you are sure that username or email are unique then you can modify your file user.php in libraries/joomla/user/ and add a method there.
getInstanceByEmail($email)
{
$query = "select id from jos_users where email=".email;
// use the code to get the id;
return getInstance($id);
} // this is just a sample code of how it can be achieved
Since Joomla's own authentication is done by checking the user's username (and password of course), it has to be unique. And yes you can do something like what #Rixius suggested.
Here's my version:
// Get a database object
$db = JFactory::getDbo();
$query = $db->getQuery(true);
$query->select('id, password');
$query->from('#__users');
$query->where('username=' . $db->Quote($credentials['username']));
$db->setQuery($query);
$result = $db->loadObject();
$user = JFactory::getUser();
if ($result)
{
$user = JUser::getInstance($result->id);
}