MySQL DB Validation and Sessions

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
WWWebdesign
Forum Newbie
Posts: 2
Joined: Wed Feb 18, 2004 4:05 am

MySQL DB Validation and Sessions

Post by WWWebdesign »

Hello all, ok its the first time I have used this forum so bare with me!

I have a php helpsystem program. On my login page I have a form which allows the user to enter their ClientID and Password. Once they have done this it SHOULD check their details with the details in the database and IF they match then the session should start and they get on to the next page. The next page has a PHP script simply saying "Welcome.....(Their ClientID here)". Unfortunately I can get it to use the MYSql to check their details with the DB BUT It does not appear to copy the ClientID over suggesting that there is either something wrong with my sessions or I am printing them out on the next page incorrectly, wierd thing is that if I delete the SQL and just have the sessions running by putting the action form as the next page the session run great! any ideas how I can get the MySQL and sessions running together. Hope this makes sense, other forums have tried to help but I have not yet had much luck! Thanks all!
User avatar
tim
DevNet Resident
Posts: 1165
Joined: Thu Feb 12, 2004 7:19 pm
Location: ohio

Post by tim »

how about seeing some of your code?
WWWebdesign
Forum Newbie
Posts: 2
Joined: Wed Feb 18, 2004 4:05 am

Post by WWWebdesign »

Sorry my code is as follows:

<?php
require_once('../Connections/MARTIN.php');
function output_form ($error_message = '', $ClientID = '')
{
print '<html>
<head>
<p align="center"><title>HomePage</title>
<p align="center"><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<p align="center"><img src="Sites%20Title%20Border.png" width="799" height="89"></p>
<form method="POST"
action = "http://localhost/project/User Logged In/WelcomeUserPage.php">
<p align="center"><font color="Black" size="5">Welcome to IT Help-OnLine</font><br><br><br>';
if ($error_message != '')
{
print '
<font color=red>' . $error_message . '</font>';
}

print '
<p align="center"> <br>Please enter your <i>Client ID</i>,<i>Password</i> and select your <i>Department</i> below.
<br>
Client ID:<font color="#FFFFFF">::</font><input text type="text" size="20" maxlength="20" name="ClientID"';

if ($ClientID != '')
{
print ' value="' . $ClientID . '"';
}

print '><br>
Password: <input text type="Password" size"15" maxlength="20" name="Password" ><br>
<br>
</p>
<p align="center"> Detpartment
<select name="CDept" size="1" id="CDept">
<option value="Unknown">Select</option>
<option value="Unknown">-----</option>
<option value="XRay">XRay</option>
<option value="Computing">Computing</option>
<option value="Renal">Renal</option>
<option value="Cardio">Cardio</option>
<option value="Heart Center">Heart Center</option>
<option value="Medical Health">Medical Health</option>
<option value="Diabetes">Diabetes</option>
<option value="Histology">Histology</option>
<option value="Ward 1-12">Ward 1-12</option>
<option value="Ward 13-20">Ward 13-20</option>
</select>
<br>
<br>
<input type = "submit" value="Click To Submit">
<input type = "reset" value="Reset">
</form>
<br>
<p align="Center">
If you are a new user please click <a href="New User Details/NewUserDetails.php" target="_top">here</a>.
</p>
<p align="Center"> Administrators log on <a href="Staff&Admin%20Login%20Page/Staff&Admin%20Login%20Page.php">here</a>
<br> <br> <br> <br>
<br>
<br>
<br>
<p><a href="mailto:jbloggs@hotmail.com">Email</a> us here</p>
</body>
</html>';
}
session_start();

mysql_select_db($database_MARTIN, $MARTIN);

if (isset($_POST['ClientID']) and isset($_POST['Password']))
{
$sql = "SELECT ClientID, cpassword, CDept FROM clientinfo WHERE ClientID='$ClientID' AND cpassword='$Password' AND Cdept='$CDept'";

$result = mysql_query($sql) or die("Error: MySQL said ".mysql_error());

$num = mysql_num_rows($result);
$row = mysql_fetch_assoc($result);

$_SESSION['Home_Page']='Welcome back';

if ($num != 0)
{
header("location: http://localhost/project/User Logged In/WelcomeUserPage.php?");
}
else
{
output_form ('Your login was unsuccessful', $_POST['ClientID']);
}
}
else
{
output_form();
}
?>
Post Reply