[SOLVED] Creating a new page?

Hello.

Following from my earlier post; I want to be able to allow users to sign up to my community site, and create a folder from their username.  So their page on the site will be www.site.com/user.

Making the folder part is fine using mk dir.

However, i have no idea of how to create an index.php file that has my profile template on it or how to pump out the correct users data.

I imagine though that the file is created with a variable in it such as $user  = x so that it pumps out the correct user data.

Any help would be great.

Thanks

The function that creates files is fopen().

But, I would use mod_rewrite and a template instead of creating each user a page of his own. This way it will appear like the user has his folder, but everything would go through one file.

Orio.

But, I would use mod_rewrite and a template instead of creating each user a page of his own. This way it will appear like the user has his folder, but everything would go through one file.

 

Orio.

Ah right. I see. Is this easy to do for some one who has a novice knowledge of php?

Or near enough anyway.

However, would this allow people to goto www.site.com/user and see the users profile?

Thanks Orio

Use get variables

You save webspace

<?php
   $uid = intval($_GET['uid']);
   $result = mysql_query("SELECT `user_data1`, `user_data2` FROM `users` WHERE `user_id` = $uid;");
   //...
?>

Thanks for that Lumio.

Im still at a bit of a loss as to where to go and which is the best way to do it!?

Read my posts in this thread: http://www.phpfreaks.com/forums/index.php/topic,140494.0.html

<?php
$username = $_GET["username"];
$q = mysql_query("SELECT * FROM users WHERE username = '$username'");
...
?>

That's not good! (SQL Injection)

Better to allow only Letters, Numbers, Underscores (_), Lines (-) and spaces:

<?php

$username = $_GET["username"];
if (!preg_match('/^[\w\d\s\-_]+$/', $username)) die('wrong username');

$q = mysql_query("SELECT * FROM users WHERE username = '$username'");
$are = mysql_fetch_assoc($q);

echo "Welcome to ".$username."'s profile page.";

?>

And also ... SELECT * ... is very slow. Use

SELECT `user_data1`, `user_data2`, ... FROM ...

That's more quick

Thanks.

Right, done all that.

No errors received, but if i put a username that exists in the table such as nick, it doesnt echo out my name, just 'wrong username'

Any ideas?

Can i just check that these are correct?

Options +FollowSymlinks
RewriteEngine on
RewriteRule ^([^/\.]+) 

profile.php?user=$1 [nc]

<?php
include ("global.php");

$username = $_GET["username"];
if (!preg_match('/^[\w\d\s\-_]+$/', $username)) die('wrong username');

$q = mysql_query("SELECT * FROM users WHERE username = '$username'");
$are = mysql_fetch_assoc($q);

echo "Welcome to ".$username."'s profile page.";

?>

Thanks

Nick

Got it working.

.htaccess file should be set to

RewriteEngine  on
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^/\.]+)/?$ profile.php?username=$1 [L]

Thanks to all that helped!

What server are you running on? My .htaccess should work :S

Hi textbox!

What username are you trying to use?

if (!preg_match('/^[\w\d\s\-_]+$/', $username)) die('wrong username');

That line allows only a username without any specialchars (except spaces).

So if your username is textbox@y it's wrong.

@Lumio

SOLVED means its solved can posting in solved threads