Adding sessions to an existing script?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
bedcor
Forum Newbie
Posts: 24
Joined: Fri Jul 26, 2002 11:01 am
Location: Barrie, Ontario

Adding sessions to an existing script?

Post by bedcor »

If I wanted to start using sessions with my login script would i have to change my $user = $HTTP_POST_VARS ['user']; to $user = $_Session['user']?
User avatar
RandomEngy
Forum Contributor
Posts: 173
Joined: Wed Jun 26, 2002 3:24 pm
Contact:

Post by RandomEngy »

You'd do something like:

Code: Select all

$_SESSIONї'user'] = $_POSTї'user'];
Then as long as you've got session_start(); at the top of every page, you can access the $_SESSION['user'] variable on a later page.
bedcor
Forum Newbie
Posts: 24
Joined: Fri Jul 26, 2002 11:01 am
Location: Barrie, Ontario

Post by bedcor »

thanks! :)
bedcor
Forum Newbie
Posts: 24
Joined: Fri Jul 26, 2002 11:01 am
Location: Barrie, Ontario

Post by bedcor »

Can someone tell me if i'm on the right track?
[syntax=php]<?
session_start();

mysql_connect("localhost", "root") or die("Unable to connect to the server.");

mysql_select_db("ijwHotel") or die("Unable to select the database.");

$username = $HTTP_POST_VARS ['username'];

$password = $HTTP_POST_VARS ['password'];

$_SESSION = $_POST[ 'username' ];
$_SESSION = $_POST[ 'password'];

$sql = "Select real_name From users Where username='$username' and password='$password' ";

$result = mysql_query($sql) or die ("Unable to get results.");

$num = mysql_numrows($result) or die ("You're not authorized to be here. If you feel that you have recieved this message in error, please contact the <a href=\"mailto:cory@ijws.com\">Administrator</a>");

if($num == 1)
{
echo "<br><br><br>";
echo "<h3><center><b>Welcome you are logged in as a GUEST!</b></center></h3><br>";
echo "<h3><center><b>Your guest name is <i><b>$username</b></i></b></center></h3>";
echo "<br>";
echo "<b>This the session: $session</b>";
echo "<center><b>Here is a list of information pieces you could view!</b></center>";

}
?>[/syntax]
User avatar
RandomEngy
Forum Contributor
Posts: 173
Joined: Wed Jun 26, 2002 3:24 pm
Contact:

Post by RandomEngy »

Try changing it to:

Code: Select all

<? 
session_start(); 

mysql_connect("localhost", "root") or die("Unable to connect to the server."); 

mysql_select_db("ijwHotel") or die("Unable to select the database."); 

$_SESSION&#1111;'username'] = $_POST&#1111;'username']; 
$_SESSION&#1111;'password'] = $_POST&#1111;'password']; 

$sql = "SELECT real_name FROM users WHERE username='&#123;$_SESSION&#1111;'username']&#125;' AND password='&#123;$_SESSION&#1111;'password']&#125;'"; 

$result = mysql_query($sql) or die ("Unable to get results."); 

$num = mysql_num_rows($result);

if($num == 0)
die ("You're not authorized to be here. If you feel that you have recieved this message in error, please contact the <a href="mailto:cory@ijws.com">Administrator</a>"); 
else
&#123; 
echo "<br><br><br>\n"; 
echo "<h3><center><b>Welcome you are logged in as a GUEST!</b></center></h3><br>\n"; 
echo "<h3><center><b>Your guest name is <i><b>$_SESSION&#1111;'username']</b></i></b></center></h3>\n"; 
echo "<br>\n";
echo "<center><b>Here is a list of information pieces you could view!</b></center>\n"; 

&#125; 
?>
I
  • changed all $username and $password to $_SESSION['username'] and $_SESSION['password']
  • fixed how the session variables were set
  • capitalized SQL terms in your search query. (This is good practice as it makes it easy to tell which terms are SQL terms and which terms are names in the database and variables)
  • changed mysql_numrows to mysql_num_rows
  • changed how the denial worked. If the number of matches is 0, it denies access.
  • added newline characters at the end of your echoes. It doesn't change the way to page looks but the HTML source is a lot easier on the eyes.
  • deleted the line where you try to echo out $session
Remember, $_SESSION is an associative array that stays around throught different pages. Do

Code: Select all

$_SESSION&#1111;'var'] = "ham";
on one page to set the session variable, and on another do

Code: Select all

echo $_SESSION&#1111;'var'];
to echo it out. (remember session_start(); at the top of every page)

Good luck.
bedcor
Forum Newbie
Posts: 24
Joined: Fri Jul 26, 2002 11:01 am
Location: Barrie, Ontario

Post by bedcor »

if I was to run the modified code I get this error:

Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in c:\apache\apache\htdocs\login1.php on line 23

I don't see what's wrong do yu?
User avatar
RandomEngy
Forum Contributor
Posts: 173
Joined: Wed Jun 26, 2002 3:24 pm
Contact:

Post by RandomEngy »

Change

Code: Select all

echo "<h3><center><b>Your guest name is <i><b>$_SESSION&#1111;'username']</b></i></b></center></h3>\n";
to

Code: Select all

echo "<h3><center><b>Your guest name is <i><b>&#123;$_SESSION&#1111;'username']&#125;</b></i></b></center></h3>\n";
bedcor
Forum Newbie
Posts: 24
Joined: Fri Jul 26, 2002 11:01 am
Location: Barrie, Ontario

Post by bedcor »

Thanks for the tip it works now! :D

My first actual completion of using a session (with your help).
Post Reply