Adding sessions to an existing script?
Moderator: General Moderators
Adding sessions to an existing script?
If I wanted to start using sessions with my login script would i have to change my $user = $HTTP_POST_VARS ['user']; to $user = $_Session['user']?
- RandomEngy
- Forum Contributor
- Posts: 173
- Joined: Wed Jun 26, 2002 3:24 pm
- Contact:
You'd do something like:
Then as long as you've got session_start(); at the top of every page, you can access the $_SESSION['user'] variable on a later page.
Code: Select all
$_SESSIONї'user'] = $_POSTї'user'];Can someone tell me if i'm on the right track?
[syntax=php]<?
session_start();
mysql_connect("localhost", "root") or die("Unable to connect to the server.");
mysql_select_db("ijwHotel") or die("Unable to select the database.");
$username = $HTTP_POST_VARS ['username'];
$password = $HTTP_POST_VARS ['password'];
$_SESSION = $_POST[ 'username' ];
$_SESSION = $_POST[ 'password'];
$sql = "Select real_name From users Where username='$username' and password='$password' ";
$result = mysql_query($sql) or die ("Unable to get results.");
$num = mysql_numrows($result) or die ("You're not authorized to be here. If you feel that you have recieved this message in error, please contact the <a href=\"mailto:cory@ijws.com\">Administrator</a>");
if($num == 1)
{
echo "<br><br><br>";
echo "<h3><center><b>Welcome you are logged in as a GUEST!</b></center></h3><br>";
echo "<h3><center><b>Your guest name is <i><b>$username</b></i></b></center></h3>";
echo "<br>";
echo "<b>This the session: $session</b>";
echo "<center><b>Here is a list of information pieces you could view!</b></center>";
}
?>[/syntax]
[syntax=php]<?
session_start();
mysql_connect("localhost", "root") or die("Unable to connect to the server.");
mysql_select_db("ijwHotel") or die("Unable to select the database.");
$username = $HTTP_POST_VARS ['username'];
$password = $HTTP_POST_VARS ['password'];
$_SESSION = $_POST[ 'username' ];
$_SESSION = $_POST[ 'password'];
$sql = "Select real_name From users Where username='$username' and password='$password' ";
$result = mysql_query($sql) or die ("Unable to get results.");
$num = mysql_numrows($result) or die ("You're not authorized to be here. If you feel that you have recieved this message in error, please contact the <a href=\"mailto:cory@ijws.com\">Administrator</a>");
if($num == 1)
{
echo "<br><br><br>";
echo "<h3><center><b>Welcome you are logged in as a GUEST!</b></center></h3><br>";
echo "<h3><center><b>Your guest name is <i><b>$username</b></i></b></center></h3>";
echo "<br>";
echo "<b>This the session: $session</b>";
echo "<center><b>Here is a list of information pieces you could view!</b></center>";
}
?>[/syntax]
- RandomEngy
- Forum Contributor
- Posts: 173
- Joined: Wed Jun 26, 2002 3:24 pm
- Contact:
Try changing it to:
I
on one page to set the session variable, and on another do
to echo it out. (remember session_start(); at the top of every page)
Good luck.
Code: Select all
<?
session_start();
mysql_connect("localhost", "root") or die("Unable to connect to the server.");
mysql_select_db("ijwHotel") or die("Unable to select the database.");
$_SESSIONї'username'] = $_POSTї'username'];
$_SESSIONї'password'] = $_POSTї'password'];
$sql = "SELECT real_name FROM users WHERE username='{$_SESSIONї'username']}' AND password='{$_SESSIONї'password']}'";
$result = mysql_query($sql) or die ("Unable to get results.");
$num = mysql_num_rows($result);
if($num == 0)
die ("You're not authorized to be here. If you feel that you have recieved this message in error, please contact the <a href="mailto:cory@ijws.com">Administrator</a>");
else
{
echo "<br><br><br>\n";
echo "<h3><center><b>Welcome you are logged in as a GUEST!</b></center></h3><br>\n";
echo "<h3><center><b>Your guest name is <i><b>$_SESSIONї'username']</b></i></b></center></h3>\n";
echo "<br>\n";
echo "<center><b>Here is a list of information pieces you could view!</b></center>\n";
}
?>- changed all $username and $password to $_SESSION['username'] and $_SESSION['password']
- fixed how the session variables were set
- capitalized SQL terms in your search query. (This is good practice as it makes it easy to tell which terms are SQL terms and which terms are names in the database and variables)
- changed mysql_numrows to mysql_num_rows
- changed how the denial worked. If the number of matches is 0, it denies access.
- added newline characters at the end of your echoes. It doesn't change the way to page looks but the HTML source is a lot easier on the eyes.
- deleted the line where you try to echo out $session
Code: Select all
$_SESSIONї'var'] = "ham";Code: Select all
echo $_SESSIONї'var'];Good luck.
- RandomEngy
- Forum Contributor
- Posts: 173
- Joined: Wed Jun 26, 2002 3:24 pm
- Contact:
Change
to
Code: Select all
echo "<h3><center><b>Your guest name is <i><b>$_SESSIONї'username']</b></i></b></center></h3>\n";Code: Select all
echo "<h3><center><b>Your guest name is <i><b>{$_SESSIONї'username']}</b></i></b></center></h3>\n";