Jump to content

Recommended Posts

When echoing variables like $_SESSION (when I mean `like` I am mainly referring to arrays and variables like $_SERVER,$_POST,$_GET, etc.), you have to separate it from the string or put brackets around it.

 

Also, your ; was in the wrong place.

 

<?php 
session_start();
echo "Welcome, {$_SESSION['firstname']}";

?>

OR

<?php 
session_start();
echo "Welcome, ".$_SESSION['firstname'];
?>

Thanks for the syntax tip. That took care of the error message, but the name isn't showing up. Am I correct in understanding that the $_SESSION variable passes itself (as opposed to needing to be passed as a hidden value from page to page? I have firstname accounted for in the query.

<?php session_start();
require 'script.php'; 

if (isset($_POST['submit'])) {


$username = $_POST['username'];

$password = $_POST['password'];

$query = "SELECT firstname FROM table WHERE username = '$username' AND password = '$password'";

if($result = mysql_query($query)) {

	if (mysql_num_rows($result) == 1) { //username and password are in the database

		$_SESSION['firstname'] = $row[1];
		header('Location: http://www.url_index.php');

	}
	else {	//username and password not in database. 

	echo '<p align="center"><font color="red">The username and password combination you entered does not match those on file. Please try again.</font></p>';

	}
}


else {

echo mysql_errno($conn) . ": " . mysql_error($conn) . "\n";

}
}

?>

Adding this didn't change anything. What have I missed?

 

if (mysql_num_rows($result) == 1) { //username and password are in the database
		$row = mysql_fetch_array($result);

		$_SESSION['firstname'] = $row[1];

 

 

md5() is new to me. I'll research that.

I'm not up on the specifics, but nothing much should happen.  It will be closed when the browser is closed.  Maybe someone else has a better answer.

 

If you are concerned, just tack this on to the end of your pages (assuming you don't want information passed along).

 

This is mainly used for logout pages, seeing as you don't care about session data then.  (And it is redundant, but I find it is usefuly if you are paranoid.)

 

unset($_SESSION);
session_destroy();

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.