Jump to content

returning global variable

Gazz1982

By Gazz1982
in PHP Coding Help

 Share

Recommended Posts

Gazz1982 Member

Gazz1982

Posted
Posted 

<?php
$host="localhost"; // Host name
$username="*****"; // Mysql username
$password="*****"; // Mysql password
$db_name="register"; // Database name
$tbl_name="login"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
//print "Connected to MySQL<br>";

So I connect to my database

    if(!session_is_registered(myusername))
      {
        echo "<div class='right'>Welcome Guest</div>";
        echo"<br /><br />";
        echo" <div class='right'>
                  <div class='box'>
                    <p class='title'>Login</p>
                      <form class='small' name='login' method='post' action='checklogin.php?<?php echo SID?>'>
                        <p class='small'> Email<input name='myusername' type'text' id='myusername' size='13'></p>
                        <p class='small'> Password <input name='mypassword' type='text' id='mypassword' size='9'></p>
                        <p class='small'><a href='register.php?<?php echo SID?>' > Register </a>
                        <input type='submit' name='Submit' value='Login' /></p>
                      </form>
                    </div>
                  </div>";
      }

 

The previous code needs to make 'mypassword' accessible as a global variable'

 

Once logged in the global variable will be ultilised by the following code

 

      else if(session_is_registered(myusername))
      {

        $sql = mysql_query("Select * from login where EMAIL='   global variable   '");
        while($row1 = mysql_fetch_array($sql))
          {
        echo "<div class='right'>Welcome ";
        echo $row1['NAME_FIRST'];
        echo "<br /><a href='logout.php'>Logout</a></div>";
      }
  }

?>

 

How do I make this work?

 

Thanks for your help

Link to comment
https://forums.phpfreaks.com/topic/108905-returning-global-variable/
Share on other sites
DarkWater Member

DarkWater

Posted
Posted

What do you mean by "global variable"?  

 

@discomatt: Half the time, when people say "global variable", they have no idea what they actually should be saying.  So he probably doesn't need global scope, he probably means sessions.  Just speculating.  Let's see. =P

.josh Advanced Member

.josh

Posted
Posted

umm it looks like you have a basic form with basic variable checking there's no functions or classes or anything in play here so you don't need to worry about variable scope. The problem is that you are getting information from your form via the POST method so you need to be accessing your info via the $_POST array not from a session. Your variable can be accessed from this:

 

$_POST['mypassword']

 

just plug that into your conditions and you're good to go.  I do suggest sanitizing it first though.

Gazz1982 Member

Gazz1982

Posted
  • Author
Posted

yes and any other page which has session_start(); at the top of the page

 

I've been shown that code before but where in my code would I insert it? I've put it in my query:

 

$sql = mysql_query("Select * from login where EMAIL='$_POST['mypassword']'");

 

but it doesn't seem to work

.josh Advanced Member

.josh

Posted
Posted

using the $_POST array only works for the targeted action='target.php' page if you wish to then carry it from target.php to some other place, you're going to have to turn it into a session variable. 

 

As far as your query "not working" you're going to have to be more specific.  Right off the bat I see that you are not properly escaping quotes in your string it needs to look like this:

 

$sql = mysql_query("Select * from login where EMAIL='{$_POST['mypassword']}'");

 

If that still doesn't work then check your form and make sure you spelled mypassword correctly. If you did, then separate your query string from your query execution, echo it, and also add some error reporting, like so:

 

 

$sql = "Select * from login where EMAIL='{$_POST['mypassword']}'";
echo $sql;
$res = mysql_query($sql) or die(mysql_error());

 

check your table name and column name make sure you're using the right ones.  Enter in the echoed query string directly into sql through phpmyadmin to see if you get expected results. 

 

.josh Advanced Member

.josh

Posted
Posted

well back up there mister...as I said, the only reason you'd want to use a session variable is if you're going from form > formtarget > someotherpage

 

how many actual script pages do you have? Because it SEEMS to me that you should either be having 1 or 2 here.  Right? If so, forget about the sessions you don't need them.  Repost your code the whole thing.

Gazz1982 Member

Gazz1982

Posted
  • Author
Posted

website = http://www.noblesweb.co.uk/

 

<?php
$host="localhost"; // Host name
$username="*****"; // Mysql username
$password="*****"; // Mysql password
$db_name="register"; // Database name
$tbl_name="login"; // Table name

// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
//print "Connected to MySQL<br>";

if(!session_is_registered(myusername))
  {
  echo "<div class='right'>Welcome Guest</div>";
  echo"<br /><br />";
  echo" <div class='right'>
  <div class='box'>
    <p class='title'>Login</p>
      <form class='small' name='login' method='post' action='checklogin.php?<?php echo SID?>'>
        <p class='small'> Email<input name='myusername' type'text' id='myusername' size='13'></p>
        <p class='small'> Password <input name='mypassword' type='text' id='mypassword' size='9'></p>

    <p class='small'><a href='register.php?<?php echo SID?>' > Register </a>
      <input type='submit' name='Submit' value='Login' /></p>
      </form>
</div>
</div>";

      }
      else if(session_is_registered(myusername))
        
      {
        $sql = "Select * from login where EMAIL='{$_POST['mypassword']}'";
        echo $sql;
        $res = mysql_query($sql) or die(mysql_error());

        echo "<div class='right'>Welcome ";
        echo $res['NAME_FIRST'];
        echo "<br /><a href='logout.php'>Logout</a></div>";
      }
  }

?>

 

To login the form is use then it goes to the checklogin.php file see below

 

<?php
$host="localhost"; // Host name
$username="*****"; // Mysql username
$password="*****"; // Mysql password
$db_name="register"; // Database name
$tbl_name="login"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
//print "Connected to MySQL<br>";

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];


// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);


$sql="SELECT * FROM $tbl_name WHERE EMAIL='$myusername' and PASSWORD='$mypassword'";
$result=mysql_query($sql);


// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
//Register $myusername, $mypassword and redirect to file "login_success.php"

session_register("myusername");
session_register("mypassword");

header("location:login_success.php");
}

else {
header("location:login_fail.php");
}

?>

 

this then goes to here

 


<?
session_start();
if(!session_is_registered(myusername)){
header("location:login_fail.php");
}else{
header("location:index.php");
}
?>

 

then returns to the main page where it finds you are registered - this is where I am trying to connect to the database to get the users 1st name from the NAME_FIRST column after the else if {} part

trq Prolific Member

trq

Posted
Posted

You really need a better understanding of what sessions are and how exactly they work. For starters, the session_register function has long been depricated and should no longer be used but this isbeside the point really. If you already have the users username in a session, why are you running another query against the database to get it again?

 

Im not going to fix your code, but post a clean example.

 

index.php

<?php

  session_start();
  if (isset($_SESSION['username'])) {
    // if the user is logged in, display there name stored within the session.
    // no need to query the database for it.
    echo "Hello {$_SESSION['username']}";
  } else {
    echo "<form action='login.php' method='post'>";
    echo "  <input type='text' name='username'>";
    echo "  <input type='submit' name='submit'>";
    echo "</form>";
  }

?>

 

login.php

<?php

  session_start();
  if (isset($_POST['submit'])) {
    // here you would normally check against a db record.
    // however this is just a simple sessions demo.
    $_SESSION['username'] = $_POST['username'];
    header("Location: index.php");
  }

?>

Gazz1982 Member

Gazz1982

Posted
  • Author
Posted

thanks for the code clean up - much easier to understand now

 

I'm running another query as the username is an email address and password is a password, I want to have a welcome message which returns the users 1st name which is in the database so I am trying to select it by using the email as the where function in the sql

Gazz1982 Member

Gazz1982

Posted
  • Author
Posted

ok one step away!

 

This code displays the users email address when logged in how can i implement a sql query so it asks:

 

Select * from logon where NAME_FIRST = 'the value in myusername';

 

  if (isset($_SESSION['myusername'])) {
    // if the user is logged in, display there name stored within the session.
    // no need to query the database for it.

    echo "Hello {$_SESSION['myusername']}";
    echo "<br /><a href='logout.php'>Logout</a></div>";
  } else{
    echo "<div class='right'>Welcome Guest</div>";
    echo "<div class='right'>";
    echo "<div class='box'>";
    echo "<p class='title'>Login</p>";
    echo "<form class='small' name='login' method='post' action='checklogin.php?<?php echo SID?>'>";
    echo "<p class='small'> Email<input name='myusername' type'text' id='myusername' size='13'></p>";
    echo "<p class='small'> Password <input name='mypassword' type='text' id='mypassword' size='9'></p>";
    echo "<p class='small'><a href='register.php?<?php echo SID?>' > Register </a>";
    echo "<input type='submit' name='Submit' value='Login' /></p>";
    echo "</form>";
    echo "</div>";
    echo "</div>";   
  }

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.