pengu Posted July 2, 2009 Share Posted July 2, 2009 Hey guys, Not the best with php, hence why I'm here asking for some help. I'm currently doing a website using "user authentication". So if you try to go to index.php or news.php it will redirect you to the login page, this is working just fine! Goes to database selects username&password, makes a session ID true and all pages check this.. The problem I'm having is I want to pass more information through the session, I'm 100% sure this is possible. For example in my "login.inc.php" page which checks all data entered I want to take the users "id" and pass this thru all pages so I can make for example.. a profile page. LOGIN.INC.PHP <?php require_once('*changed*'); require_once('functions.inc.php'); session_start(); // Check if user is already logged in if ($_SESSION['logged_in'] == true) { redirect('../index.php'); } else { if ( (!isset($_POST['username'])) || (!isset($_POST['password'])) OR (!ctype_alnum($_POST['username'])) ) { header('Location: ../login.php'); } $mysqli = @new mysqli(DB_HOSTNAME, DB_USERNAME, DB_PASSWORD, DB_DATABASE); if (mysqli_connect_errno()) { printf("Unable to connect to database: %s", mysqli_connect_error()); exit(); } $username = $mysqli->real_escape_string($_POST['username']); $password = $mysqli->real_escape_string($_POST['password']); $sql = "SELECT * FROM users WHERE username = '" . $username . "' AND password = md5('" . $password . "')"; $result = $mysqli->query($sql); //sure this is wrong, it doesn't even make sense to me.. but it's what I want it to do //pull the ID from the database while($row = mysql_fetch_array($result)) { $id = $row['id']; } if (is_object($result) && $result->num_rows == 1) { // used throughout the other pages $_SESSION['logged_in'] = true; // this one works, but only because it's pulling it from the "form" $_SESSION['username'] = $username; //this don't work $_SESSION['id'] = $id; redirect('../index.php'); } else { redirect('../login.php'); } } ?> functions.inc.php <?php function redirect($page) { header('Location: ' . $page); exit(); } function check_login_status() { // If $_SESSION['logged_in'] is set, return the status if (isset($_SESSION['logged_in'])) { return $_SESSION['logged_in']; return $_SESSION['username']; return $_SESSION['id']; } return false; } ?> Please help! Quote Link to comment Share on other sites More sharing options...
trq Posted July 2, 2009 Share Posted July 2, 2009 What exactly is the problem your having? Your code looks reasonable except for the fact that a function can only return one value. How / where are you trying to use $_SESSION['id'] ? Quote Link to comment Share on other sites More sharing options...
pengu Posted July 2, 2009 Author Share Posted July 2, 2009 Oh can it? So far it's just being displayed as the ID. But I want to use it for a profile page and some other things. So I want to be able to grab it all the time SELECT * FROM whatever WHERE id = $_SESSION['id'] kind of thing. Quote Link to comment Share on other sites More sharing options...
trq Posted July 2, 2009 Share Posted July 2, 2009 Sorry, that still doesn't help us help you. Can you answer the two questions I asked you in my previous response? Quote Link to comment Share on other sites More sharing options...
pengu Posted July 2, 2009 Author Share Posted July 2, 2009 I have a table that contains ID username password ect ect Using Session ID I want to pass that information constantly through all the pages. At the moment as a test I'm just doing a echo of the "ID" on another page and It's not displaying it at all. I want to be able to pull information from the database for different pages. LINKS.PHP <?php session_start(); require_once('includes/functions.inc.php'); if (check_login_status() == false) { redirect('login.php'); } ?> <html> <head> </head> <style> a:hover { color: #333333; } </style> <body> <font face="Fixedsys"> <p>WELCOME <?php echo $_SESSION['id'] ; ?> </p> <p> [<a href="./news.php" target="body">News</a>] [<a href="./includes/logout.inc.php" target="body">logout</a>] </p> so it's not displaying the "ID" on this other page, for example Quote Link to comment Share on other sites More sharing options...
pengu Posted July 3, 2009 Author Share Posted July 3, 2009 I eventually came to the conclusion that I can use the username to look up stuff in the database. The username is unique so I shouldn't run into multiple queries. If there is a better method, please do tell! Quote Link to comment Share on other sites More sharing options...
Garethp Posted July 3, 2009 Share Posted July 3, 2009 There shouldn't be a better one. A query with a unique identifier is always the best method EDIT: On second thought, query for Username AND Password, so you can just chest the number of rows without having to fetch the array Quote Link to comment Share on other sites More sharing options...
pkedpker Posted July 3, 2009 Share Posted July 3, 2009 how does this work function check_login_status() { // If $_SESSION['logged_in'] is set, return the status if (isset($_SESSION['logged_in'])) { return $_SESSION['logged_in']; return $_SESSION['username']; return $_SESSION['id']; } return false; } you know it will only return either false or the value of logged_in username id will never be returned.. something you gotta learn in programming return exits function right away.. right when it sees it.. if statement may make u be able to use multiple returns.. but as soon as code execution reaches a return its over.. and trust me. if you think just because logged_in is not set of something it will skip the return and go to the second one.. then your mistaken because return exits on ANYTHING.. its like similar to die();.. just without exiting the script execution just function jump. Plus its used in all programming languages.. Quote Link to comment Share on other sites More sharing options...
pengu Posted July 3, 2009 Author Share Posted July 3, 2009 Ignore that.. I've changed the code and have it fully functioning now. As soon as someone mentioned you can't return more than one thing I changed bits and pieces. Err.. thanks for your help anyways guys, but the best method is to sit there and fiddle with it, I'm sure I'll be asking more questions soon. Cheers, Pengu Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.