Well, I have two pages, one called session.php and the other profile.php. What I'm trying to do is that when the user logs in (obviously already buying what exists in the database), they are redirected to their profile. user in which all your data appears. So far I think I've explained what I'm trying to do, but the way I do it is by using $_SESSION like this:
Session.php
<?php
// Datos para conectar a la base de datos.
// Crear conexión con la base de datos.
$conn = new mysqli($nombreServidor, $nombreUsuario, $passwordBaseDeDatos, $nombreBaseDeDatos);
session_start();
// Obtengo los datos cargados en el formulario de login.
$usuraio = $_POST['username'];
$clave = $_POST['password'];
// Consulta segura para evitar inyecciones SQL.
$q = "SELECT COUNT(*) as contar from usuarios where correo = '$usuraio' and passwordd = '$clave' ";
$consulta = mysqli_query($conn,$q);
$array = mysqli_fetch_array($consulta);
if($array['contar']>0){
$_SESSION['username']=$usuraio;
header('Location: perfil.php ');
//die();
}else{
echo "Datos incorrectos";
}
?>
and profile.php which is supposed to receive the variable of the user that is accessing in this case 'username':
<?php
session_start();
$usuraio = $_SESSION['username'];
echo"<h1>Welcome $usuraio</h1> ";
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
</head>
<body>
</body>
</html>
I think there are better ways to do it, if so, could you just give me a guide on how to look for it or if you are happy to explain it to me. thanks :D
Hello friend try this
your code
change it for that
First of all, I hope that the access data you show is not the real one, and as for the question, I do it this way. The first thing is that you at least filter the POST variables to improve security a bit.
Then I do the query
If the username and password do not exist, I do not let them enter and if, on the contrary, they exist, then what I do there is that I log in and redirect
And finally where I am going to receive it in your case profile.php I keep the session open and I call the variables that I need.