[SOLVED] Userid in the session

[nvee]

Hey Guys

 

We're busy with a login system and have hit a wall! What needs to happen is that once the user enters his username and password, the script checks if the username and password is in the database, and then puts the username and password in the session. What we would like to do differently is also insert the userid which is also in the database and insert it into the session.

 

This however does not want to work. It gets the userid from the database and we can echo it which works correctly, but it does not want to assign it to the $_SESSION["id"]; value

 

Here is the code:

 

<?php require_once("includes/connect.php"); ?>
<?php
if (isset($_GET['expired'])) {
$message = "Your previous session has expired, please log in again!";
}
if (isset($_GET['login'])) {
$username = $_GET['username'];
$password = $_GET['password'];

if($username == "") {
$message = "You have to type in a username!"; 
}
elseif($password == "") {
$message = "You have to type in a password!";
} else {
$query = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
$results = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($results);
$rows = mysql_num_rows($results);
if($rows == 1) {
[color=red]$sessionid = $row['id'];[/color]
$type = $row['type'];
session_regenerate_id();
$_SESSION["username"] = $username;
$_SESSION["password"] = $password;
[color=red]$_SESSION["sessionid"] = $sessionid;[/color]
session_write_close();
if($type == "1") {
header("Location:clients/index.php"); } 
elseif($type != "1") {
header("Location:admin/index.php[color=red]?id=$sessionid"); // This was done to check if $sessionid actually assigns any value, it does output the userid in the db correctly[/color]
}
} else {
$message = "Incorrect username and password!";
}
}
}

 

 

Anyone have ANY idea why $sessionid cannot be assigned to S_SESSION["session_id"]; ?

[5kyy8lu3]

Hey Guys

 

We're busy with a login system and have hit a wall! What needs to happen is that once the user enters his username and password, the script checks if the username and password is in the database, and then puts the username and password in the session. What we would like to do differently is also insert the userid which is also in the database and insert it into the session.

 

This however does not want to work. It gets the userid from the database and we can echo it which works correctly, but it does not want to assign it to the $_SESSION["id"]; value

 

Here is the code:

 

<?php require_once("includes/connect.php"); ?>
<?php
if (isset($_GET['expired'])) {
$message = "Your previous session has expired, please log in again!";
}
if (isset($_GET['login'])) {
$username = $_GET['username'];
$password = $_GET['password'];

if($username == "") {
$message = "You have to type in a username!"; 
}
elseif($password == "") {
$message = "You have to type in a password!";
} else {
$query = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
$results = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($results);
$rows = mysql_num_rows($results);
if($rows == 1) {
[color=red]$sessionid = $row['id'];[/color]
$type = $row['type'];
session_regenerate_id();
$_SESSION["username"] = $username;
$_SESSION["password"] = $password;
[color=red]$_SESSION["sessionid"] = $sessionid;[/color]
session_write_close();
if($type == "1") {
header("Location:clients/index.php"); } 
elseif($type != "1") {
header("Location:admin/index.php[color=red]?id=$sessionid"); // This was done to check if $sessionid actually assigns any value, it does output the userid in the db correctly[/color]
}
} else {
$message = "Incorrect username and password!";
}
}
}

 

 

Anyone have ANY idea why $sessionid cannot be assigned to S_SESSION["session_id"]; ?

 

 

<?php
start_session();