help with sessions please
Posted: Sat Jan 08, 2011 7:01 am
Hi, I have a problem which has kept me up for a week now. I am new to all this and am creating a page in dreamweaver which has 4 sql tables all with 'userid' as a common denominator. I am trying to create a session variable through a log in page (username and pass) to display the results for that user from the 4 sql tables on a 'profilesummary' page. However I can not register userid and therefore all results from the tables are displayed on the profile summary page - I can't link it to the log in info. Here is the php code from the 'profilesummary' page where I am trying to set the SESSION and it comes out NULL. Can anyone help please!!! I want to sleep!!! I would very much appreciate any help anyone may be able to provide. Thanks in advance.
Code: Select all
<?php require_once('Connections/recommendingpeople.php'); ?>
<?php
session_start();
?><?php
($_SESSION['userid'] = $rsusername.userid);
$query= 'SELECT userid FROM username WHERE username.username = $MM_Username';
$result = mysql_query($query);
echo gettype($array['userid']);?>
<?php echo $_SESSION['userid']; ?>
<?php
$currentPage = $_SERVER["PHP_SELF"];
$colname_rsusername = "1";
if (isset($_SESSION['MM_Username'])) {
$colname_rsusername = (get_magic_quotes_gpc()) ? $_SESSION['MM_Username'] : addslashes($_SESSION['MM_Username']);
}
mysql_select_db($database_recommendingpeople, $recommendingpeople);
$query_rsusername = sprintf("SELECT * FROM username WHERE username = '%s'", $colname_rsusername);
$rsusername = mysql_query($query_rsusername, $recommendingpeople) or die(mysql_error());
$row_rsusername = mysql_fetch_assoc($rsusername);
$totalRows_rsusername = mysql_num_rows($rsusername);
$colname_rsbusinessdetails = "1";
if (isset($_SESSION['userid'])){
$colname_rsbusinessdetails = (get_magic_quotes_gpc()) ? $_SESSION['userid'] : addslashes($_SESSION['userid']);
}
mysql_select_db($database_recommendingpeople, $recommendingpeople);
$query_rsbusinessdetails = sprintf("SELECT * FROM businessdetails WHERE userid = %s", $colname_rsbusinessdetails);
$rsbusinessdetails = mysql_query($query_rsbusinessdetails, $recommendingpeople) or die(mysql_error());
$row_rsbusinessdetails = mysql_fetch_assoc($rsbusinessdetails);
$totalRows_rsbusinessdetails = mysql_num_rows($rsbusinessdetails);
$colname_rsbusinessdescription = "1";
if (isset($_SESSION['userid'])) {
$colname_rsbusinessdescription = (get_magic_quotes_gpc()) ? $_SESSION['userid'] : addslashes($_SESSION['userid']);
}
mysql_select_db($database_recommendingpeople, $recommendingpeople);
$query_rsbusinessdescription = sprintf("SELECT * FROM businessdescription WHERE userid = %s", $colname_rsbusinessdescription);
$rsbusinessdescription = mysql_query($query_rsbusinessdescription, $recommendingpeople) or die(mysql_error());
$row_rsbusinessdescription = mysql_fetch_assoc($rsbusinessdescription);
$totalRows_rsbusinessdescription = mysql_num_rows($rsbusinessdescription);
$colname_rsrecommendations = "1";
if (isset($_SESSION['userid'])) {
$colname_rsrecommendations = (get_magic_quotes_gpc()) ? $_SESSION['userid'] : addslashes($_SESSION['userid']);
}
mysql_select_db($database_recommendingpeople, $recommendingpeople);
$query_rsrecommendations = sprintf("SELECT * FROM recommendations WHERE userid = %s", $colname_rsrecommendations);
$rsrecommendations = mysql_query($query_rsrecommendations, $recommendingpeople) or die(mysql_error());
$row_rsrecommendations = mysql_fetch_assoc($rsrecommendations);
$totalRows_rsrecommendations = mysql_num_rows($rsrecommendations);
$maxRows_rsrecommendations = 10;
$pageNum_rsrecommendations = 0;
if (isset($_GET['pageNum_rsrecommendations'])) {
$pageNum_rsrecommendations = $_GET['pageNum_rsrecommendations'];
}
$startRow_rsrecommendations = $pageNum_rsrecommendations * $maxRows_rsrecommendations;
$colname_rsrecommendations = "1";
if (isset($_SESSION['userid'])) {
$colname_rsrecommendations = (get_magic_quotes_gpc()) ? $_SESSION['userid'] : addslashes($_SESSION['userid']);
}
mysql_select_db($database_recommendingpeople, $recommendingpeople);
$query_rsrecommendations = sprintf("SELECT * FROM recommendations WHERE userid = %s", $colname_rsrecommendations);
$query_limit_rsrecommendations = sprintf("%s LIMIT %d, %d", $query_rsrecommendations, $startRow_rsrecommendations, $maxRows_rsrecommendations);
$rsrecommendations = mysql_query($query_limit_rsrecommendations, $recommendingpeople) or die(mysql_error());
$row_rsrecommendations = mysql_fetch_assoc($rsrecommendations);
if (isset($_GET['totalRows_rsrecommendations'])) {
$totalRows_rsrecommendations = $_GET['totalRows_rsrecommendations'];
} else {
$all_rsrecommendations = mysql_query($query_rsrecommendations);
$totalRows_rsrecommendations = mysql_num_rows($all_rsrecommendations);
}
$totalPages_rsrecommendations = ceil($totalRows_rsrecommendations/$maxRows_rsrecommendations)-1;
$queryString_rsrecommendations = "";
if (!empty($_SERVER['QUERY_STRING'])) {
$params = explode("&", $_SERVER['QUERY_STRING']);
$newParams = array();
foreach ($params as $param) {
if (stristr($param, "pageNum_rsrecommendations") == false &&
stristr($param, "totalRows_rsrecommendations") == false) {
array_push($newParams, $param);
}
}
if (count($newParams) != 0) {
$queryString_rsrecommendations = "&" . htmlentities(implode("&", $newParams));
}
}
$queryString_rsrecommendations = sprintf("&totalRows_rsrecommendations=%d%s", $totalRows_rsrecommendations, $queryString_rsrecommendations);
?>
<?php $MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && true) {
$isValid = true;
}
}
return $isValid;
}
$MM_restrictGoTo = "index.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>