Storing info in session

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Rabastan
Forum Newbie
Posts: 6
Joined: Thu May 24, 2012 12:14 pm

Storing info in session

Post by Rabastan »

Rather new to PHP but I am learning

I have a simple login system for a website, and a table for users.

user table has these fields;

id
firstname
lastname
email
username
password

What I would like to do is store the first and last name along with the username and passord in the session also in order to display "Welcome FIRSTNAME LASTNAME" on the site

Code is as follows;

main_login.php

Code: Select all

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
and

checklogin.php

Code: Select all

$host="localhost"; // Host name 
$username="******"; // Mysql username 
$password="*****"; // Mysql password 
$db_name="*****"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:index.php");
}
else {
echo "Wrong Username or Password";
}
?>
Any help is appreciated Thank You
Rab
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: Storing info in session

Post by requinix »

So what's the question? Is it not saving? You need a call to session_start() before you can use session data; make sure you put it before any output.

Also,
1. There shouldn't be any reason for you to store the password in the session.
2. Don't use session_register(). Just set the values directly in the $_SESSION array.
Rabastan
Forum Newbie
Posts: 6
Joined: Thu May 24, 2012 12:14 pm

Re: Storing info in session

Post by Rabastan »

I would like to store the name also so I can use it on the site.

rab
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: Storing info in session

Post by requinix »

Rabastan wrote:I would like to store the name also so I can use it on the site.
Which has nothing to do with what I said so... Okay, sure.
Post Reply