NeoPHP logged user in query
Quote from noyzen on March 5, 2022, 6:15 pmI'm using neophp in my app to connect mysql.
I want to know if there is a way to create a query like INSERT into a table where username is "logged in neophp username"
So owner of that record will be logged in user.
Any variable or string?
I have tried this in config.php and not working:
$user_name = $_SESSION["username"]; //SQL Queries $sqlAlias[0]="post"; $sqlQuerys[0]="INSERT INTO post (user, text) VALUES ($user_name, ?)"; $sqlMaxUserLevel[0]=-1;Regards.
I'm using neophp in my app to connect mysql.
I want to know if there is a way to create a query like INSERT into a table where username is "logged in neophp username"
So owner of that record will be logged in user.
Any variable or string?
I have tried this in config.php and not working:
$user_name = $_SESSION["username"]; //SQL Queries $sqlAlias[0]="post"; $sqlQuerys[0]="INSERT INTO post (user, text) VALUES ($user_name, ?)"; $sqlMaxUserLevel[0]=-1;
Regards.
Quote from luishp on March 6, 2022, 9:14 pm@noyzen although I think your attempt should work, you can send the user name as a parameter too:
$sqlQuerys[0]="INSERT INTO post (user, text) VALUES (?, ?)";Note that user information is sent back to your application when the user sign-in correctly as a JSON object to the callback subroutine, included the user name.
Returns a JSON object with user data:
id, username, email, level, error (wich would be empty if no error)Regards.
@noyzen although I think your attempt should work, you can send the user name as a parameter too:
$sqlQuerys[0]="INSERT INTO post (user, text) VALUES (?, ?)";
Note that user information is sent back to your application when the user sign-in correctly as a JSON object to the callback subroutine, included the user name.
Returns a JSON object with user data:
id, username, email, level, error (wich would be empty if no error)
Regards.
Quote from noyzen on March 6, 2022, 9:45 pmThanks Luis @luishp
But i dont want client send username as parameter (which can be hacked easily clientside) i need do it on server for example in config.php
i guess cannot do it because neofunctions.php make variable like $username and they cannot be used in config.php and qurey commands.
Thanks Luis @luishp
But i dont want client send username as parameter (which can be hacked easily clientside) i need do it on server for example in config.php
i guess cannot do it because neofunctions.php make variable like $username and they cannot be used in config.php and qurey commands.