1

How to make a notification that echoes the username of the specific user , not the level of the user

For example the user logins , an alert will pop out and says , welcome customer , what i want is to change the customer to the name of the person.

Thank you very much.

this is my code

<?php
    include('conn.php');
    session_start();
    function check_input($data) {
        $data = trim($data);
        $data = stripslashes($data);
        $data = htmlspecialchars($data);
        return $data;
    }

    if ($_SERVER["REQUEST_METHOD"] == "POST") {
        $username=check_input($_POST['username']);

        if (!preg_match("/^[a-zA-Z0-9_]*$/",$username)) {
            $_SESSION['msg'] = "Username should not contain space and special characters!"; 
            header('location: index.php');
        }
        else{

        $fusername=$username;

        $password = check_input($_POST["password"]);
        $fpassword=md5($password);

        $query=mysqli_query($conn,"select * from `user` where username='$fusername' and password='$fpassword'");

        if(mysqli_num_rows($query)==0){
            $_SESSION['msg'] = "Login Failed, Invalid Input!";
            header('location: index.php');
        }
        else{

            $row=mysqli_fetch_array($query);
            if ($row['access']==1){
                $_SESSION['id']=$row['userid'];
                ?>
                <script>
                    window.alert('Login Success, Welcome Admin!');
                    window.location.href='admin/';
                </script>
                <?php
            }
            elseif ($row['access']==2){
                $_SESSION['id']=$row['userid'];
                ?>
                <script>
                    window.alert('Login Success, Welcome User!');
                    window.location.href='user/';
                </script>
                <?php
            }
            else{
                $_SESSION['id']=$row['userid'];
                ?>
                <script>
                    window.alert('Login Success, Welcome Supplier!');
                    window.location.href='supplier/';
                </script>
                <?php
            }
        }

        }
    }
?>
Kim
  • 35
  • 6
  • You want web-based notification or mobile push notification? Not clear... – Bits Please Apr 04 '18 at 09:00
  • `$fpassword=md5($password);` ... **Nope!** – CD001 Apr 04 '18 at 09:02
  • 1
    Just change the `user roles` with `` - change `first_name` to the field name you have in db table. – Karlo Kokkak Apr 04 '18 at 09:03
  • 1
    @KarloKokkak Thank you , it works now! – Kim Apr 04 '18 at 09:13
  • @CD001 what should i change it to? – Kim Apr 04 '18 at 09:15
  • 1
    @Kim - `md5()` has been obsolete for years, see [password_hash()](http://php.net/manual/en/function.password-hash.php); though every password in the database already will need updating afterwards. – CD001 Apr 04 '18 at 09:19
  • @cd001 ok thank you for you help also , if i change it to password_hash() would i start over in coding my register? – Kim Apr 04 '18 at 09:23
  • 'fraid so - anywhere you'd previously done anything with an `md5()` password hash *really* needs to be redone; so register, login, update functionality - the lot. – CD001 Apr 04 '18 at 10:03

2 Answers2

0

Let's say you have mentioned username field present in database.

 $row=mysqli_fetch_array($query);
if ($row['access']==1)
{
    $_SESSION['id']=$row['userid'];
    $_SESSION['username']=$row['username'];
    ?>
    <script>
        window.alert('Login Success, Welcome Admin!');
        window.location.href='admin/';
    </script>
    <?php
}
elseif ($row['access']==2){
    $_SESSION['id']=$row['userid'];
    $_SESSION['username']=$row['username'];
    ?>
    <script>

        var username = '<?php echo $_SESSION['username']; ?>';
        var notification_text = "Login Success, Welcome "+username+"!";
        window.alert(notification_text);
        window.location.href='user/';
    </script>
    <?php
}
else{
    $_SESSION['id']=$row['userid'];
    $_SESSION['username']=$row['username'];
    ?>
    <script>
        var username = '<?php echo $_SESSION['username']; ?>';
        var notification_text = "Login Success, Welcome "+username+"!";
        window.alert(notification_text);
        window.location.href='supplier/';
    </script>
    <?php
}

This is how you can access jquery inside PHP and can work on your notifications. P.S - They are not called notification, you can simply call them as an jquery alert.

Bits Please
  • 877
  • 6
  • 23
0

Replace all window.alert to 

   <script>
       window.alert('Login Success, Welcome <?php echo {$fusername}; ?>!');
    </script>

Also use php default password_hash() md5 isnt safe

Joshua
  • 29
  • 2
  • change my password code ? from $fpassword=md5($password); to $fpassword=password_hash() ? Help – Kim Apr 04 '18 at 09:14
  • You need to use password_verify() and password_hash when you are handling the password. Also don't clean the password before hashing Read more about it here [PHP.NET](http://php.net/manual/en/ref.password.php) [StackOverflow.com](https://stackoverflow.com/a/30279440/9084245) [(Pastebin example with your code)](https://pastebin.com/Dn8N0bPX) – Joshua Apr 04 '18 at 09:34