How can i grab a session id or name so that I can use it as a variable?

[noahyamen]

Hi again all.

 

Heres the concept of what I'm trying to do. I've been working on a CMS for a while now, and there is a section called Lead Manager. It works kind of like a mailbox, just really basic. It organizes all the contacts that come through on a website, and you are able to respond to the messages via Lead Manager like a email system would. Theres just one thing left I need it to do that i can't seem to get right. When you send a message, I need the "From" email address to automatically pull the email address thats assigned to the username thats currently logged into the cms.

 

I have a table on my database called admin, in it has the stored usernames, passwords, and email addresses assigned to all the users allowed in the cms. So let's say that the current user that is logged in is "johnsmith", and his email address for his account is "[email protected]". When johnsmith is logged in, i need the Lead Manager mail system to automatically pull johnsmiths email address to use as the "From" email address when sending messages.

 

How would you go about doing this? Here is some of the code im working with now:

 

session_start();
session_destroy();

$Login=$_POST['Login'];
if($Login){ 
  $username=$_POST['username'];
  $md5_password=md5($_POST['password']); 
  $result = mysql_query("select * from admin where username='$username' and password='$md5_password'");
		if(mysql_num_rows($result)!='0'){
			session_register("username");
			header("location:index.php");
			exit;
		} else {
			$message = "Incorrect Username or Password";
		}
  }

 

And here is some conceptual coding that represents what I am trying to accomplish (not actual coding I know):

 

$currentUser = session_is_registered;

$query = "SELECT * FROM admin WHERE username='$currentUser'"; 
$result = mysql_query($query); 

$email = mysql_result($result,0,"email");

 

[dreamwest]

session_start();


$Login=$_POST['Login'];
if($Login){
     $username=mysql_real_escape_string($_POST['username']);
     $md5_password=md5($_POST['password']);
     $result = mysql_query("select * from admin where username='{$username}' and password='{$md5_password}' limit 1 ");
         if(mysql_num_rows($result)!=0){
$row = mysql_fetch_assoc($result);          
$_SESSION['user'] = $row['username']; 

            header("location:index.php");
            exit;
         } else {
            $message = "Incorrect Username or Password";
         }
     }

[noahyamen]

i knew itd be somethin simple. Thanks so much

[mikesta707]

By the way, session_register is deprecated. as long as you have session_start() at the beginning of your page you can just do

$_SESSION['username'] = $whatever;

 

and that would register the session, and you can use the data later. I would just set an email session when your user logs in so you can use that instead of doing another query.