[SOLVED] how to pass my session to other page, newbie pls help

[noverticallimit]

hai

 

i have make a login page but the problem is the when i go the next page i don't know how to appear my username but instead it say Notice: Undefined variable: myusername in C:\wamp\www\MRS\login_success.php on line 13

hopefully someone can help me 

 

the logincheck.php is able to check whether my username is exist in my database but when it's redirect me to login_succesful.php i can't see my username

 

MY logincheck.php

<?PHP
include 'db.php';

$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

//protecting from MYSQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' ";
$result=mysql_query($sql);

//Check for for counting table row
$count=mysql_num_rows($result);
// So if the username and password is the same thus it will return 1

if($count==1){
session_register("myusername");
session_register("mypassword");
// after succesfully register the username & password we go to student_cp.php
header("location:login_success.php");
}
else{
echo" Invalid Username or Password";
}
ob_end_flush();
?>

 

My login_success.php code:

<? 
session_start();
  
if(!session_is_registered(myusername)){
header("location:student.html");
}
?>

<html>
<body>
Login Successful
<?PHP
print "Welcome $myusername ";
?>
<a href="blocka.php">blocka</a>
</body>
</html>

 

[Philip]

logincheck needs to have session_start();

 

and session_register is deprecated... FYI.

[noverticallimit]

ya i just realize it just now >< and i am using php 5.3.0, i try edit my code... will give an update

[noverticallimit]

sorry,

if session_register is deprecated so what should i do to solve this problem. thanks in advance

[Philip]

$_SESSION['var'] = 'value';

[noverticallimit]

thanks for the fast reply KingPhilip, i will try to edit it and give an update

[noverticallimit]

still can't work it although i have put it

 

<?PHP
include 'db.php';
session_start();
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

//protecting from MYSQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' ";
$result=mysql_query($sql);

//Check for for counting table row
$count=mysql_num_rows($result);
// So if the username and password is the same thus it will return 1

if($count==1){
session_register("myusername");
$_SESSION['myusername'] = $myusername;
session_register("mypassword");
$_SESSION['mypassword'] = $mypassword;
// after succesfully register the username & password we go to login_success.php
header("location:login_success.php");
}
else{
echo" Invalid Username or Password";
}

?>

 

is it because i use php 5.3.0 ? should i install older php version ><

 

 

[Andy-H]

You need to remove the session_register completely, to create a session you must have session_start before any output and set the session simply using:

 

$_SESSION['sessionName'] = $SessionValue;

 

Then to check weather a session is set (like the depreciated session_is_registered) use:

session_start();
if ( !isset($_SESSION['SessionName']) )
{
  //do something like header("Location: index.php");
}

[noverticallimit]

thanks i will try it and give an update

[noverticallimit]

thanks, but my $myusername still being treated as undefined variable because i got this message;

Notice: Undefined variable: myusername in C:\wamp\www\MRS\login_success.php on line 3

 

i put my recent code

 

logincheck.php

 

<?PHP
include 'db.php';
session_start();

$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

//protecting from MYSQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' ";
$result=mysql_query($sql);

//Check for for counting table row
$count=mysql_num_rows($result);
// So if the username and password is the same thus it will return 1

if($count==1){

$_SESSION['myusername'] = $myusername;

$_SESSION['mypassword'] = $mypassword;
// after succesfully register the username & password we go to login_success.php
header("location:login_success.php");
}
else{
echo" Invalid Username or Password";
}

?>

 

my login_success.php

<?PHP
session_start();
print "Welcome $myusername ";
if ( !isset($_SESSION['myusername']) )
{
  header("location:student.html");
} 
?>

<html>
<body>
Login Successful
<a href="blocka.php">blocka</a>
</body>
</html>

 

by the way is the any different with

<?PHP ?>

and

<?  ?>

[tomcant]

You should rearrange your `login_success.php' script slightly. Your `print' statement near the top of the script is trying to access $myusername when you havn't given it a value yet. Use something like this:

 

<?php
session_start();

if ( !isset($_SESSION['myusername']) )
{
  header("location:student.html");
}

// if we get this far, then the script is aware of the `myusername' session value
$myusername = $_SESSION['myusername'];
print "Welcome $myusername ";
?>

<html>
...

[noverticallimit]

yes tomcant you are right i did not see that ^^, meanwhile i also found another ways to do that rather than

print " Welcome $myusername";

i also can do like this

print "welcome $_SESSION[myusername]

without ' ' between myusername

 

Thank You KingPhilip , tomcant , Andy-H  for helping me out ^^ and PFMaBiSmAd thanks for the tip

 

thus i will put all my coding back here and mark this as solved

 

first file: checklogin.php

<?PHP
include 'db.php';
session_start();

$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

//protecting from MYSQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' ";
$result=mysql_query($sql);

//Check for for counting table row
$count=mysql_num_rows($result);
// So if the username and password is the same thus it will return 1

if($count==1){

$_SESSION['myusername'] = $myusername;

$_SESSION['mypassword'] = $mypassword;
// after succesfully register the username & password we go to login_success.php
header("location:login_success.php");
}
else{
echo" Invalid Username or Password";
}

?>

 

Second File: login_success.php

<?php
session_start();

if ( !isset($_SESSION['myusername']) )
{
  header("location:student.html");
}
?>

<html>
<body>
<?php
$myusername = $_SESSION['myusername'];
print "Welcome $_SESSION[myusername] \n";
print "Welcome $myusername \n";
?>
Login Successful
<a href="blocka.php">blocka</a>
</body>
</html>

[PFMaBiSmAd]

by the way is the any different with

<?PHP ?>

and

<?  ?>

Yes, <?php will always work as an opening php tag. <? won't always work because it can be disabled and you won't always be on a server where you will have the ability to enable it. Don't use <? because it results in code that won't always be seen as php code.

[noverticallimit]

emm how to mark this topic solved?    and PFMaBiSmAd thanks for the tip

[Andy-H]

I would also add a LIMIT of 1 to your MySQL query in order to stop MySQL searching once it has returned a result and to keep the count to 1 in the event that it finds more than one record, (wont happen if your database is setup correctly.

 

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' LIMIT 1";
$result=mysql_query($sql);

//Check for for counting table row
$count=mysql_num_rows($result);
// So if the username and password is the same thus it will return 1

if($count==1){