How to display logged-in user information in PHP?

In this article, we will learn how to display logged-in user information using PHP sessions. When building web applications with authentication, displaying user information on various pages provides a personalized experience for users.

We can implement user authentication and display logged-in user information using PHP sessions along with HTML forms. Let's explore this with practical examples.

Basic User Authentication System

This example demonstrates a complete login system with user authentication and information display

Filename: login.php

<?php
   session_start();

   if (isset($_POST['username']) && isset($_POST['password'])) {
      $username = $_POST['username'];
      $password = $_POST['password'];

      // Check if username and password are correct
      if ($username === 'admin' && $password === 'password') {
         $_SESSION['username'] = $username;
         header('Location: dashboard.php');
         exit();
      } else {
         $error_message = 'Invalid username or password';
      }
   }
?>

<!DOCTYPE html>
<html lang="en">
<head>
   <title>Login Page</title>
</head>
<body>
   <h2>Login</h2>
   
   <?php if (isset($error_message)): ?>
      <p style="color: red;"><?php echo $error_message; ?></p>
   <?php endif; ?>

   <form method="post">
      <label>
         Username:
         <input type="text" name="username" required>
      </label>
      <br><br>
      <label>
         Password:
         <input type="password" name="password" required>
      </label>
      <br><br>
      <button type="submit">Log In</button>
   </form>
</body>
</html>

Filename: dashboard.php

<?php
   session_start();

   // Check if user is logged in
   if (!isset($_SESSION['username'])) {
      header("Location: login.php");
      exit;
   }

   // Retrieve user information from session
   $username = $_SESSION['username'];
?>

<!DOCTYPE html>
<html lang="en">
<head>
   <title>Dashboard</title>
</head>
<body>
   <h2>Welcome to Dashboard</h2>
   <p>Your username is: <strong><?php echo htmlspecialchars($username); ?></strong></p>
   <p><a href="logout.php">Logout</a></p>
</body>
</html>

Filename: logout.php

<?php
   session_start();

   // Unset all session variables
   $_SESSION = array();

   // Destroy the session
   session_destroy();

   // Redirect to login page
   header("Location: login.php");
   exit;
?>

Advanced User Profile Display

This example shows how to display detailed user information on a profile page

Filename: profile.php

<?php
   session_start();

   // Check if user is logged in
   if (!isset($_SESSION['username'])) {
      header("Location: login.php");
      exit;
   }

   $username = $_SESSION['username'];

   // Simulate user data (in real application, fetch from database)
   $user_info = array(
      'username' => $username,
      'name' => 'John Doe',
      'email' => 'john.doe@example.com',
      'phone' => '+1-234-567-8900',
      'role' => 'Administrator',
      'last_login' => date('Y-m-d H:i:s')
   );
?>

<!DOCTYPE html>
<html lang="en">
<head>
   <title>User Profile</title>
   <style>
      .profile-info { border: 1px solid #ccc; padding: 20px; margin: 10px 0; }
   </style>
</head>
<body>
   <h1>Welcome, <?php echo htmlspecialchars($user_info['name']); ?>!</h1>
   
   <div class="profile-info">
      <h2>Profile Information</h2>
      <p><strong>Username:</strong> <?php echo htmlspecialchars($user_info['username']); ?></p>
      <p><strong>Full Name:</strong> <?php echo htmlspecialchars($user_info['name']); ?></p>
      <p><strong>Email:</strong> <?php echo htmlspecialchars($user_info['email']); ?></p>
      <p><strong>Phone:</strong> <?php echo htmlspecialchars($user_info['phone']); ?></p>
      <p><strong>Role:</strong> <?php echo htmlspecialchars($user_info['role']); ?></p>
      <p><strong>Last Login:</strong> <?php echo htmlspecialchars($user_info['last_login']); ?></p>
   </div>
   
   <p><a href="dashboard.php">Back to Dashboard</a> | <a href="logout.php">Logout</a></p>
</body>
</html>

Key Security Considerations

Note: In production applications, store user credentials securely in a database with proper password hashing using password_hash() and verify with password_verify().

Conclusion

Displaying logged-in user information in PHP requires proper session management and authentication checks. Use htmlspecialchars() to prevent XSS attacks when displaying user data, and always validate user sessions before showing sensitive information.