PHP Sessions, unsure how to apply them
Posted: Wed May 20, 2009 6:00 pm
Hi guys
I am having trouble getting a session to work, I have the registration page working, have my login area accepting the username and password to the point where I see the message "Login Successful" as I asked to happen in one of the login documents I created.
The trouble is that when returning to one of the pages Ive created, on which a menu appears for logged in users, it does not appear.
I have followed tutorials to learn what I know and where Ive referenced from one to benefit the other I think Ive got my wires crossed, If I post the area that I think is the problem could someone clarify what I need to do where?
Obviously theres no session set here right? So I've tried to take this code....
But this generates an error on the last line of the first bit of code. Am unsure where I'm going wrong and apologise in advance for any stupidity on my part
I am having trouble getting a session to work, I have the registration page working, have my login area accepting the username and password to the point where I see the message "Login Successful" as I asked to happen in one of the login documents I created.
The trouble is that when returning to one of the pages Ive created, on which a menu appears for logged in users, it does not appear.
I have followed tutorials to learn what I know and where Ive referenced from one to benefit the other I think Ive got my wires crossed, If I post the area that I think is the problem could someone clarify what I need to do where?
Code: Select all
<?php
// Connect to server and select databse.
$host="picfrisky.com"; // Host name
$username="example"; // Mysql username
$password="example"; // Mysql password
$db_name="users_db"; // Database name
$tbl_name="users"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password=MD5('$mypassword')";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password...";
}
?>
Code: Select all
if ($rowcount==1)
{
//log the user in
$_SESSION['user']=$post_username;
$_SESSION['id']=$id;
echo $_SESSION['user'].", you have been logged in! <a href='hshsite.php'>Return</a> to the main page.";
}