rnintulsa Posted August 4, 2008 Share Posted August 4, 2008 I have a question about sessions. Do I have to have a separate sessions file to use $_SESSION in my login code? What is required. I have been reading up on it, and am not understanding the process. I am going to have 5 companies signing in and then being redirected to their own company page. This is the login check page: <?php error_reporting(E_ALL); session_start( ); // if username and password are set and not empty then proceed with the rest of the process if( isset( $_POST[ 'username' ] ) && isset( $_POST[ 'company' ] ) && $_POST[ 'username' ] != '' && $_POST[ 'company' ] != '' ) { //$link = mysql_connect( 'host', 'username', 'password' ); //$db_selected = mysql_select_db('dbname', $link); $username = mysql_real_escape_string($_POST['username'], $link); $company = mysql_real_escape_string($_POST['company'], $link); if (!$db_selected) { echo"Connection to the database failed. Please try again later." ; exit; } $results = mysql_query("select * from access where username='" . $username . "' and company = '" . $company . "'" ,$link ) or die(mysql_error()); $num_rows = mysql_num_rows($results); //greater than zero if( $num_rows > 0 ) { $_SESSION['username'] = $username; //redirect $data = mysql_fetch_array($results); header("Location: {$data['company']}.php"); } else { header("Location: login_error.htm"); } } ?> This is not working and I am told it is because I need a sessions.php page. I am creating the sessions.php to be included, but is it necessary, and am I doing it right? <?php session_start(); $host = "host"; $username = "username"; $password = "pw"; $link = mysql_connect( 'host', 'username', 'password' ); $db_selected = mysql_select_db('dbname', $link); ?> I am loving learning php and appreciate all feedback. Please let know if you need more information from me. Link to comment https://forums.phpfreaks.com/topic/118093-solved-login-session/ Share on other sites More sharing options...
JonnyThunder Posted August 4, 2008 Share Posted August 4, 2008 As long as you call session_start() at the top of your main calling script (the first script you run) then it'll be fine for any additional pages. If however, you link to another page you'll need to put a session_start at the top of it too. You don't need an additional file. Link to comment https://forums.phpfreaks.com/topic/118093-solved-login-session/#findComment-607555 Share on other sites More sharing options...
rnintulsa Posted August 4, 2008 Author Share Posted August 4, 2008 Ok, so the page sessions.php is really not necessary in this case? Thanks so much, that was what I was thinking. Link to comment https://forums.phpfreaks.com/topic/118093-solved-login-session/#findComment-607559 Share on other sites More sharing options...
JonnyThunder Posted August 4, 2008 Share Posted August 4, 2008 No, you don't need any additional page to start a session. Just make sure you start the session on any independant page you'll use and thats it! Link to comment https://forums.phpfreaks.com/topic/118093-solved-login-session/#findComment-607562 Share on other sites More sharing options...
rnintulsa Posted August 4, 2008 Author Share Posted August 4, 2008 Wonderful, then I am now going to have to find the answer to the problem I am having with the script, since I now know it is not the sessions causing the problem. Many thanks. I will mark this solved and post the new topic. Link to comment https://forums.phpfreaks.com/topic/118093-solved-login-session/#findComment-607565 Share on other sites More sharing options...
JonnyThunder Posted August 4, 2008 Share Posted August 4, 2008 One more thing - you really want to make sure you've validated the format of $_POST before using it in a SQL query, to avoid SQL injection attack. Just FYI! Link to comment https://forums.phpfreaks.com/topic/118093-solved-login-session/#findComment-607577 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.