Sessions and mySQL queries
Posted: Tue Feb 11, 2003 11:04 am
Hi
I have made a login page with the help from the tutorial on this site at http://www.phpcomplete.com/tutorials.ph ... adTutorial
i have added a field to the database which i have called firstName but seem to not beable to carry that over to the next page. Here is the code that i have written
<?php
session_start();
$user_name = $_POST['user_name'];
$password = $_POST['password'];
// Open connection to the database
$connection = mysql_connect("localhost", "cctvcity", "ccpass02") or die("Failure to communicate with database");
mysql_select_db('cctvcity', $connection) or die(mysql_error());
//set up the query
$query = "SELECT * FROM users
WHERE user_name='$user_name' AND password='$password'";
//run the query and get the number of affected rows
$result = mysql_query($query, $connection) or die('error making query');
$affected_rows = mysql_num_rows($result);
$firstName = $affected_rows["firstName"];
//if there's exactly one result, the user is validated. Otherwise, he's invalid
if($username == $row["username"] && $user_password == $row["user_password"]) {
print 'validated <a href="verifyLogin.php">Click here to check</a>';
//add the user to our session variables
session_register("username","firstName");
$_SESSION['username'] = $user_name;
$_SESSION['firstName'] = $firstName;
}
else {
print 'not valid';
}
?>
<html>
<head>
<title>validate.php</title>
</head>
<body>
<?php
$user_name = $_POST['user_name'];
$password = $_POST['password'];
?>
</body>
</html>
any tips would be gratefully received. Thanks
I have made a login page with the help from the tutorial on this site at http://www.phpcomplete.com/tutorials.ph ... adTutorial
i have added a field to the database which i have called firstName but seem to not beable to carry that over to the next page. Here is the code that i have written
<?php
session_start();
$user_name = $_POST['user_name'];
$password = $_POST['password'];
// Open connection to the database
$connection = mysql_connect("localhost", "cctvcity", "ccpass02") or die("Failure to communicate with database");
mysql_select_db('cctvcity', $connection) or die(mysql_error());
//set up the query
$query = "SELECT * FROM users
WHERE user_name='$user_name' AND password='$password'";
//run the query and get the number of affected rows
$result = mysql_query($query, $connection) or die('error making query');
$affected_rows = mysql_num_rows($result);
$firstName = $affected_rows["firstName"];
//if there's exactly one result, the user is validated. Otherwise, he's invalid
if($username == $row["username"] && $user_password == $row["user_password"]) {
print 'validated <a href="verifyLogin.php">Click here to check</a>';
//add the user to our session variables
session_register("username","firstName");
$_SESSION['username'] = $user_name;
$_SESSION['firstName'] = $firstName;
}
else {
print 'not valid';
}
?>
<html>
<head>
<title>validate.php</title>
</head>
<body>
<?php
$user_name = $_POST['user_name'];
$password = $_POST['password'];
?>
</body>
</html>
any tips would be gratefully received. Thanks