Jump to content

[SOLVED] Variable not working on new page

tjverge

By tjverge
in PHP Coding Help

Recommended Posts

tjverge Member

tjverge

Posted
Posted 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$username=$_POST['username']; 
$password=$_POST['password']; 

// To protect MySQL injection
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

$sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("username");
session_register("password"); 
header("location:login_success.php
}
else {
echo "Wrong Username or Password";
}
?>

 

I want the username on this page to carry over to login_success.php so that this line will work.

$sql = "SELECT * FROM `members` WHERE username='$username'";

and only that users information is displayed not every ones in the table.

 

any ideas would be great.

 

Thank you

Link to comment
https://forums.phpfreaks.com/topic/109970-solved-variable-not-working-on-new-page/
Share on other sites
thebadbad Newbie

thebadbad

Posted
Posted

Put session_start() at the top of both pages, and use $_SESSION['username'] = $username; instead of session_register("username"), since it's outdated and relies on register_globals (very bad). Retrieve the saved session with $_SESSION['username'].

tjverge Member

tjverge

Posted
  • Author
Posted

Still dose not work here is the codes for the two pages

 

checklogin.php

<?php

session_start()

$host="localhost"; // Host name

$username="x"; // Mysql username

$password="x"; // Mysql password

$db_name="viral"; // Database name

$tbl_name="members"; // Table name

 

// Connect to server and select databse.

mysql_connect("$host", "$username", "$password")or die("cannot connect");

mysql_select_db("$db_name")or die("cannot select DB");

 

// username and password sent from form

$username=$_POST['username'];

$password=$_POST['password'];

 

// To protect MySQL injection

$username = stripslashes($username);

$password = stripslashes($password);

$username = mysql_real_escape_string($username);

$password = mysql_real_escape_string($password);

 

$sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";

$result=mysql_query($sql);

 

// Mysql_num_row is counting table row

$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row

 

if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"

$_SESSION['username'] = $username;

$_SESSION['password'] = $password;

header("location:login_success.php?username=".$username.);

}

else {

echo "Wrong Username or Password";

}

?>

 

and login_success.php

 

<?

 

session_start();

if(!session_is_registered(username)){

header("location:login.php");

}

$_SESSION['username'];

$db_host = "localhost";

$db_user = "x";

$db_pwd = "x";

$db_name = "viral";

mysql_connect($db_host, $db_user, $db_pwd);

mysql_select_db($db_name);

 

 

$sql = "SELECT * FROM `members` WHERE username='$username'";

$query = mysql_query($sql);

 

while($row = mysql_fetch_array($query)) {

 

echo "<tr>";

echo "<td> User Name: ".$row['username']."<br></td>";

echo "<td> Site Name: ".$row['pagename']."<br></td>";

echo "<td> Site URL: ".$row['url']."<br></td>";

echo "<td> Visits to Promo page: : ".$row['views']."<br></td>";

echo "</tr><br>";

}

 

 

?>

thebadbad Newbie

thebadbad

Posted
Posted

Looks like you forgot a semi-colon after session_start(). Also, use isset($_SESSION['username']) instead of session_is_registered(). And you're not saving the session variable to anything. $username = $_SESSION['username']; should do the trick :)

wildteen88 Regular Member

wildteen88

Posted
Posted

Just calling $_SESSION['username'] will not do anything.

 

Change 

if(!session_is_registered(username)){
header("location:login.php");
}
$_SESSION['username'];

 

to

if(!isset($_SESSION['username']))
{
    header("location: login.php");
}

$username = $_SESSION['username'];

 

Avoid using session_register or session_is_registered functions these are depreciated.

tjverge Member

tjverge

Posted
  • Author
Posted

This is what I have now:will not go pass the login form login.php now :)

<?

 

session_start();

if(!isset($_SESSION['username']))

{

    header("location: login.php");

}

 

$username = $_SESSION['username'];

$db_host = "localhost";

$db_user = "root";

$db_pwd = "eagle5";

$db_name = "viral";

mysql_connect($db_host, $db_user, $db_pwd);

mysql_select_db($db_name);

 

 

$sql = "SELECT * FROM `members` WHERE username='username'";

$query = mysql_query($sql);

 

while($row = mysql_fetch_array($query)) {

 

echo "<tr>";

echo "<td> User Name: ".$row['username']."<br></td>";

echo "<td> Site Name: ".$row['pagename']."<br></td>";

echo "<td> Site URL: ".$row['url']."<br></td>";

echo "<td> Visits to Promo page: : ".$row['views']."<br></td>";

echo "</tr><br>";

}

 

 

?>

tjverge Member

tjverge

Posted
  • Author
Posted

Changed $sql = "SELECT * FROM `members` WHERE username='username'"; to $sql = "SELECT * FROM `members` WHERE username='$username'";

 

Still having the problem of not even being able to get past login.php now the code for that page is just html as follows:

 

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="username" type="text" id="username"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="password" type="password" id="password"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

 

Code for checklogin:

 

<?php
session_start();
$host="localhost"; // Host name 
$username="x"; // Mysql username 
$password="x"; // Mysql password 
$db_name="viral"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$username=$_POST['username']; 
$password=$_POST['password']; 

// To protect MySQL injection
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

$sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
header("location:login_success.php?username=".$username.);
}
else {
echo "Wrong Username or Password";
}
?>

 

and the code for login_success.php:

 

<? 


session_start();
if(!isset($_SESSION['username']))
{
    header("location: login.php");
}

$username = $_SESSION['username'];
$db_host = "localhost";
$db_user = "x";
$db_pwd = "x";
$db_name = "viral";
mysql_connect($db_host, $db_user, $db_pwd);
mysql_select_db($db_name);


$sql = "SELECT * FROM `members` WHERE username='$username'";
$query = mysql_query($sql);

while($row = mysql_fetch_array($query)) {

echo "<tr>";
echo "<td> User Name: ".$row['username']."<br></td>";
echo "<td> Site Name: ".$row['pagename']."<br></td>";
echo "<td> Site URL: ".$row['url']."<br></td>";
echo "<td> Visits to Promo page: : ".$row['views']."<br></td>";
echo "</tr><br>";
}


?>

 

 

 

 

wildteen88 Regular Member

wildteen88

Posted
Posted

If you keep being redirected back to the login form after you have submitted the form then it seem like the sessions vars are not being set correctly.

 

The following code here in login_success.php

if(!isset($_SESSION['username']))
{
    header("location: login.php");
}

will redirect the user back to login.php if the $_SESSION['username'] variables does not exist.

tjverge Member

tjverge

Posted
  • Author
Posted

Make it mysql_query($sql) OR die(mysql_error());

 

Also, why in the name of CSS are you using tables for layouts? *Dies*

 

It has started working, I know I'm new to PHP but as I understand it adding an error statment would not change it just make an error write the the screen if there is a problem (if i'm wrong let me know :) ) and yes I am using a table for the layout.

 

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.