session problem
Posted: Wed Apr 29, 2009 2:41 pm
I made a script a while back and recently started doing a upgrade. I found that there was an error in the client section I was not aware of.
The problem I have is that I am unable to use session becuz when ever i try to use
$user = escape_data($_SESSION['email'], $dbc);
I get an error in the client area. and looses the session info.
I have compared to the login code and nothing i do works
Here is the login code :
I put in bold the info that has to do with how i get teh users email to show which they are logged in with on pages in the client area.
If anyone has any idea or would like to chat with me about it please contact me here or on yahoo nite4000
Thanks
Don
The problem I have is that I am unable to use session becuz when ever i try to use
$user = escape_data($_SESSION['email'], $dbc);
I get an error in the client area. and looses the session info.
I have compared to the login code and nothing i do works
Here is the login code :
Code: Select all
if (strlen($_POST['login'])) {
$username = escape_data($_POST['user'], $dbc);
if(strlen($_POST['user'])==0) {
$error=TRUE;
$msg='Please enter your username!';
} else {
$username = escape_data($_POST['user'],$dbc);
}
if(strlen($_POST['pass'])==0) {
$error=TRUE;
$msg='Please enter your password!';
} else {
$password = md5($_POST['pass']);
}
$q=mysql_query("update users set last_login ='$date' WHERE email='$username' and password='$password' LIMIT 1")or die(mysql_error());
if($error != TRUE) {
$query="SELECT * from users WHERE email='$username' and password='$password' LIMIT 1";
$results = mysql_query($query) or die(mysql_error());
if(@mysql_num_rows($results) > 0) {
[b] //Login valid
$_SESSION['email'] = $_POST['user'];
$_SESSION['password'] = $_POST['pass'];[/b]
$user_info = mysql_fetch_array($results, MYSQL_ASSOC);
$_SESSION['id'] = $user_info['id'];
// Remember?
if(@intval($_POST['remember']) > 0) {
setcookie("c_i", $user_info['id'], time()+1209600);
setcookie("c_e", $_POST['user'], time()+1209600);
setcookie("c_p", md5($_POST['pass']), time()+1209600);
} else {
setcookie("c_i", "", time()-1209600);
setcookie("c_e", "", time()-1209600);
setcookie("c_p", "", time()-1209600);
}
$LOGIN = TRUE;
} else {
$error=TRUE;
$msg = 'Invalid username/password!';
}
}
}
}
$r = mysql_query("SELECT * FROM settings WHERE id='1'") or die(mysql_error());
$info = mysql_fetch_array($r, MYSQL_ASSOC);
@mysql_free_result($r);
$r = mysql_query("SELECT * FROM colors WHERE id='1'") or die(mysql_error());
$color = mysql_fetch_array($r, MYSQL_ASSOC);
@mysql_free_result($r);
if(strlen($_POST['user']) == 0) {
$_POST['user'] = 'Please enter your e-mail!';
}
If anyone has any idea or would like to chat with me about it please contact me here or on yahoo nite4000
Thanks
Don