[SOLVED] Username insert

[Ashoar]

I am having a little problem with grabbing the name of a user from the session.

I have this form that allows a member to make a post. At the top i include a variable that gets the username form the session of who is on that page.

It then inserts to the database later in the script, to the author field.

 

The problem is it is just inserting blank space to the database.

When i pull the info from the database on another page it doesn't show a name.

 

Can anyone see what i am doing wrong in this script, whether i am getting the session username wrong or something.

 

<?php 

$forumid=$_GET['board'];

include "config.php"; 

$username = $_SESSION["Username"];

print "<link rel='stylesheet' href='style.css' type='text/css'>";

print "<table class='maintables'>";

print "<tr class='headline'><td>Post a message</td></tr>";

print "<tr class='maintables'><td>";

if(isset($_POST['submit']))

{


   $yourpost=$_POST['yourpost'];

   $subject=$_POST['subject'];

   if(strlen($yourpost)<1)

   {

      print "You did not type in a post."; 

   }

   else if(strlen($subject)<1)

   {

      print "You did not type in a subject.";

   }


   else

   {

      $thedate=date("U"); //get unix timestamp

      $displaytime=date("F j, Y, g:i a");

      $subject=strip_tags($subject);

      $yourpost=strip_tags($yourpost); 


$insertpost=mysql_query(" INSERT INTO post_reply(board,author,title,post,showtime,realtime,lastposter) values('$forumid','$username','$subject','$yourpost','$displaytime','$thedate','$username') ");

if (!$insertpost){die(mysql_error());}


      print "Message posted, go back to <A href='index.php'>Forum</a>.";

   }



}

else

{
   $forumid=$_GET['board'];
   print "<form action='post.php?board=$forumid' method='post'>";

   print "Subject:<br>";

   print "<input type='text' name='subject' size='20'><br>";

   print "Your message:<br>";

   print "<textarea name='yourpost' rows='5' cols='40'></textarea><br>";

   print "<input type='submit' name='submit' value='submit'></form>";



}

print "</td></tr></table>";

?>

[mike12255]

can we see the file were :

 

$_SESSION["Username"];

 

is set??

[Ashoar]

It is not.

I assumed it would grab the username from the table of the current session.

 

Guess i was wrong?

How else could i do this then?

[mike12255]

Do you have a login form???

[Ashoar]

Yes along with registration.

[mike12255]

Could i see your file that the browser gets redirected to after clicking your submit button on your login form?

[Ashoar]

After clicking login the form is checked and then i use header to send them to the main page.

 

$_SESSION['s_logged_n'] = 'true';
$_SESSION['s_username'] = $username;
$_SESSION['s_name'] = $row['Name'];

header("Location: index.php");

 

I thought s_username would be what i would use, but it doesnt work either.

[mike12255]

This is correct

$_SESSION['s_username'] = $username;

 

When u entered this how did u enter it??:

<?php

//option 1
$username = $_SESSION["s_username"];

//option 2
$username = $_SESSION['s_username'];
?>

[Ashoar]

Like so:

 

$username = $_SESSION["s_username"];

 

But it doesn't work using either of those.

[mike12255]

ok, try doing it with option 2 and reply with what happens

[Ashoar]

Doesn't work with either of the options

 

[mike12255]

then this line must not be getting executed:

 

$_SESSION['s_username'] = $username;

 

i actually use something similar on a webpage im designing for a client and when the user clicks submit i execute this:

 

	<?php 
//better make sure they actually hit submit first	
if (isset($_POST['Submit'])){
$user = mysql_real_escape_string($_POST['username']);
//the pass is md5'd into the db so this one can only match if we md5 it do
$pass = md5($_POST['password']);
//make sure we stay secure
$pass = mysql_real_escape_string($pass);
//Look for the exact username and password in the db
$sql = "SELECT * FROM tbl_users WHERE username = '$user' AND password = '$pass'";
$result = mysql_query($sql) or die (mysql_error());

$row = mysql_num_rows($result);
//The if statment says if it finds a result (so more then 0 results) then continue
if ($row != 0){
$_SESSION['user'] = $user;
header("Location: index.php");
?>

 

perhaps you could show us the complete code that the login form is in, and the complete code from were the sessions are set?

[Ashoar]

That is pretty much the same as my login form after submit.

 

Should i have a code that holds sessions and session start and include it in all pages so that we always know if the session is running?

 

[mike12255]

bah, dont worry about it i just noticed the error now, sad considering it was the first thing i was looking for. On that first peice of code you started the topic off with, after the opening php tags include this:

 

session_start();

 

and then replace what you got with option two, should work

[Ashoar]

Ah that works perfectly.

Silly mistake on my behalf.

 

Thank you for all the help.

[mike12255]

Np just remember to mark topic as solved

 

P.S a little bit of side info if you have a logout button you can use this to ensure their logged out in the session:

 

<? session_start();
unset($_SESSION['s_username']);
session_destroy();
header("Location: login.php");
?>