elmas156 Posted August 24, 2008 Share Posted August 24, 2008 Here's what I'm trying to do... When users sign in on the index page using their email address and a passord, a session is started and they are redirected to the members page using header("Location: somepage.php"); What I want to do is to transfer the $email variable to the next page because I use it as the unique field in every table in my database. Basically, once a user is signed in and sent to the members page, the variable $email is also sent to the members page set as whatever email they just signed in with. This way the page can look in different tables to pull out different information without the user having to enter their email address again because it's already there. I have figured out how to do this using the $_GET function and just adding the information to the end of the page name that the page is redirected to but I'm wondering if there might be a better or more efficient way of doing it. Here is the code to both pages. Index/Login Page: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Untitled Document</title> </head> <body> <?php include("conf.inc.php"); // Includes the db and form info. session_start(); // Starts the session. if ($_SESSION['logged'] == 1) { // User is already logged in. header("Location: members.php"); // Goes to main page. exit(); // Stops the rest of the script. } else { if (!isset($_POST['submit'])) { // The form has not been submitted. echo "<form action=\"index.php\" method=\"POST\">"; echo "<table width=\"150\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">"; echo "<tr>"; echo "<td><p><strong>Member Sign In</strong></p>"; echo "<p>Email Address:"; echo "<input type=\"text\" name=\"email\" id=\"email\">"; echo "Password:<br>"; echo "<input type=\"password\" name=\"pword\">"; echo "<br>"; echo "<input type=\"submit\" name=\"submit\" value=\"Submit...\">"; echo "<br>"; echo "<a href=\"signup.php\">Sign Me Up!</a><br>"; echo "<a href=\"pwordhelp.php\">Forgot Password</a></p>"; echo "</td>"; echo "</tr>"; echo "</table>"; echo "</form>"; } else { $email = form($_POST['email']); $pword = md5($_POST['pword']); // Encrypts the password. $q = mysql_query("SELECT * FROM `users` WHERE email = '$email' AND pword = '$pword'") or die (mysql_error()); // mySQL query $r = mysql_num_rows($q); // Checks to see if anything is in the db. if ($r == 1) { // There is something in the db. The username/password match up. $_SESSION['logged'] = 1; // Sets the session. header("Location: members.php?email=$email"); // Goes to main page. exit(); // Stops the rest of the script. } else { // Invalid username/password. echo "<form action=\"index.php\" method=\"POST\">"; echo "<table width=\"150\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">"; echo "<tr>"; echo "<td><p><strong>Member Sign In</strong></p>"; echo "<p><font color=\"#FF0000\">Incorrect Email or Password, please try again.</font></p>"; echo "<p>Email Address:"; echo "<input name=\"email\" type=\"text\" id=\"email\" value=\"$email\">"; echo "Password:<br>"; echo "<input type=\"password\" name=\"pword\">"; echo "<br>"; echo "<input type=\"submit\" name=\"submit\" value=\"Submit...\">"; echo "<br>"; echo "<a href=\"signup.php\">Sign Me Up!</a><br>"; echo "<a href=\"pwordhelp.php\">Forgot Password</a></p>"; echo "</td>"; echo "</tr>"; echo "</table>"; echo "</form>"; } } } mysql_close($db_connect); // Closes the connection. ?> </body> </html> Members Page: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Untitled Document</title> </head> <body> <?php $email=$_GET['email']; include("conf.inc.php"); // Includes the db and form info. session_start(); // Starts the session. if ($_SESSION['logged'] != 1) { // There was no session found! header("Location: login.php"); // Goes to login page. exit(); // Stops the rest of the script. } $result = mysql_query("SELECT fname,lname FROM users WHERE email = '$email'"); if (!$result) { echo 'Could not run query: ' . mysql_error(); exit; } $row = mysql_fetch_row($result); echo "Hello "; echo $row[0]; echo " "; echo $row[1]; echo "!<br>"; echo "This is the main page!"; echo "<br />"; echo "<a href=\"logout.php\">Logout?</a>" ?> </body> </html> Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted August 24, 2008 Share Posted August 24, 2008 you can store it in a session or cookie, or send it using $_POST Quote Link to comment Share on other sites More sharing options...
elmas156 Posted August 24, 2008 Author Share Posted August 24, 2008 that's my question, how do I send it in a session or using $_POST without changing the whole form? Or does anyone see a problem with leaving it the way it is? Let the opinions roll in :-) Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted August 24, 2008 Share Posted August 24, 2008 change this $_SESSION['logged'] = 1; // Sets the session. header("Location: members.php?email=$email"); // Goes to main page. to $_SESSION['logged'] = 1; // Sets the session. $_SESSION['email'] = $email; header("Location: members.php"); // Goes to main page. and on members.php $email=$_GET['email']; to $email=$_SESSION['email']; Quote Link to comment Share on other sites More sharing options...
elmas156 Posted August 24, 2008 Author Share Posted August 24, 2008 OK, I've tried this in several different variations and it's not working... any other ideas? Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted August 24, 2008 Share Posted August 24, 2008 show your code, as it will work Quote Link to comment Share on other sites More sharing options...
elmas156 Posted August 24, 2008 Author Share Posted August 24, 2008 The result that I should get on the members page when viewed is: Hello John Doe! This is the main page! Logout? But this is the result that I'm getting: Hello ! This is the main page! Logout? Here is the updated code: Index/Login Page: <?php include("conf.inc.php"); // Includes the db and form info. session_start(); // Starts the session. if ($_SESSION['logged'] == 1) { // User is already logged in. header("Location: members.php"); // Goes to main page. exit(); // Stops the rest of the script. } else { if (!isset($_POST['submit'])) { // The form has not been submitted. echo "<form action=\"index.php\" method=\"POST\">"; echo "<table width=\"150\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">"; echo "<tr>"; echo "<td><p><strong>Member Sign In</strong></p>"; echo "<p>Email Address:"; echo "<input type=\"text\" name=\"email\" id=\"email\">"; echo "Password:<br>"; echo "<input type=\"password\" name=\"pword\">"; echo "<br>"; echo "<input type=\"submit\" name=\"submit\" value=\"Submit...\">"; echo "<br>"; echo "<a href=\"signup.php\">Sign Me Up!</a><br>"; echo "<a href=\"pwordhelp.php\">Forgot Password</a></p>"; echo "</td>"; echo "</tr>"; echo "</table>"; echo "</form>"; } else { $email = form($_POST['email']); $pword = md5($_POST['pword']); // Encrypts the password. $q = mysql_query("SELECT * FROM `users` WHERE email = '$email' AND pword = '$pword'") or die (mysql_error()); // mySQL query $r = mysql_num_rows($q); // Checks to see if anything is in the db. if ($r == 1) { // There is something in the db. The username/password match up. $_SESSION['logged'] = 1; // Sets the session. $_SESSION['email'] = $email; header("Location: members.php"); // Goes to main page. exit(); // Stops the rest of the script. } else { // Invalid username/password. echo "<form action=\"index.php\" method=\"POST\">"; echo "<table width=\"150\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">"; echo "<tr>"; echo "<td><p><strong>Member Sign In</strong></p>"; echo "<p><font color=\"#FF0000\">Incorrect Email or Password, please try again.</font></p>"; echo "<p>Email Address:"; echo "<input name=\"email\" type=\"text\" id=\"email\" value=\"$email\">"; echo "Password:<br>"; echo "<input type=\"password\" name=\"pword\">"; echo "<br>"; echo "<input type=\"submit\" name=\"submit\" value=\"Submit...\">"; echo "<br>"; echo "<a href=\"signup.php\">Sign Me Up!</a><br>"; echo "<a href=\"pwordhelp.php\">Forgot Password</a></p>"; echo "</td>"; echo "</tr>"; echo "</table>"; echo "</form>"; } } } mysql_close($db_connect); // Closes the connection. ?> Members Page: <?php $email=$_SESSION['email']; include("conf.inc.php"); // Includes the db and form info. session_start(); // Starts the session. if ($_SESSION['logged'] != 1) { // There was no session found! header("Location: index.php"); // Goes to login page. exit(); // Stops the rest of the script. } $result = mysql_query("SELECT fname,lname FROM users WHERE email = '$email'"); if (!$result) { echo 'Could not run query: ' . mysql_error(); exit; } $row = mysql_fetch_row($result); echo "Hello "; echo $row[0]; echo " "; echo $row[1]; echo "!<br>"; echo "This is the main page!"; echo "<br />"; echo "<a href=\"logout.php\">Logout?</a>" ?> Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted August 24, 2008 Share Posted August 24, 2008 you have the $email var before session start , y?? it wont work then Quote Link to comment Share on other sites More sharing options...
elmas156 Posted August 24, 2008 Author Share Posted August 24, 2008 You Mean on the members page? Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted August 25, 2008 Share Posted August 25, 2008 yes Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.