Avatar upload by user

How to make sure that the user’s $id is determined automatically, and it would not be necessary to specify $userid=5 (let’s say) manually, so that the avatar is loaded by the user who is authorized in his account.


Answer 1, authority 100%

Usually, only authorized users are allowed in the avatar upload script. Therefore, you need to find the place where authorization occurs (there is usually something like “if ($user = mysql_fetch_object($auth_query)) $authorized = true;“), and set to session id value.

that is:

session_start();
/*   */
// if ($user = mysql_fetch_object($auth_query))
//   $authorized = true;
if ($user = mysql_fetch_object($auth_query)) {
  $_SESSION['userID'] = $user->id;
  $authorized = true;
  }

And in the avatar upload script use $_SESSION['userID']instead of $userID.

PS: Then to check authorization in any script there should be a line session_start();and you can do this: if (empty($_SESSION['userID'])) die(' ');


Answer 2, authority 50%

Well, most often in such cases, the authorized user is set a COOKIE with the necessary values, for example

when user logs in

if (auth($user_login, $user_password)) // 
{
   set_cookie('id', $user_id);
   set_cookie('auth', md5($user_login.$user_password));
}

And then if the user is authorized, then we can use the $_COOKIE[‘id’] variable


Answer 3, authority 25%

As mentioned above, authorization is required, you can also offer this option:

$user=mysql_fetch_assoc(mysql_query(...)); /*           ...*/
$_SESSION['id']=$user['id'];
//    
if(isset($_SESSION['id']) && mysql_result(mysql_query(..#1..),0)==1)
 {
   $user=mysql_fetch_assoc(mysql_query(..#1..));
 }
/* #1 -    $_SESSION['id'] */

finally: $user[‘id’] – paste where you want….