Recordset and Session Variable

[homer2568]

I created a login page (php) and built the form and added dreamweaver mx's login behavior to it. I read in several areas that this behavior automatically creates a sessoin variable called MM_Username (I also read its called KT_Username for php pages). I then created a user info page which users reach right after logging in that displays several bits of information from their entry in the database table. So I created a recordset that filters by session variable ( username {this is the name of my user column in the table} = sessionvariable MM_Username (i also tried using KT_Username here). When I login, however, the login is successful but no dynamic data (the user's info) is displayed on the user info page. I did add the bindings from the recordset into a table but it is still not working. The codes for both the login page and the userinfo page are below:

 

login page code is:

<?php require_once('Connections/Test.php'); ?>

<?php

// *** Validate request to login to this site.

session_start();

 

$loginFormAction = $_SERVER['PHP_SELF'];

if (isset($accesscheck)) {

$GLOBALS['PrevUrl'] = $accesscheck;

session_register('PrevUrl');

}

 

if (isset($_POST['studentuser'])) {

$loginUsername=$_POST['studentuser'];

$password=$_POST['studentpwd'];

$MM_fldUserAuthorization = "";

$MM_redirectLoginSuccess = "userpage.php";

$MM_redirectLoginFailed = "failed.php";

$MM_redirecttoReferrer = false;

mysql_select_db($database_Test, $Test);

 

$LoginRS__query=sprintf("SELECT username, password FROM users WHERE username='%s' AND password='%s'",

get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));

 

$LoginRS = mysql_query($LoginRS__query, $Test) or die(mysql_error());

$loginFoundUser = mysql_num_rows($LoginRS);

if ($loginFoundUser) {

$loginStrGroup = "";

 

//declare two session variables and assign them

$GLOBALS['MM_Username'] = $loginUsername;

$GLOBALS['MM_UserGroup'] = $loginStrGroup;

 

//register the session variables

session_register("MM_Username");

session_register("MM_UserGroup");

 

if (isset($_SESSION['PrevUrl']) && false) {

$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];

}

header("Location: " . $MM_redirectLoginSuccess );

}

else {

header("Location: ". $MM_redirectLoginFailed );

}

}

?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

<title>Untitled Document</title>

<script language="JavaScript" type="text/JavaScript">

<!--

function MM_reloadPage(init) { //reloads the window if Nav4 resized

if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) {

document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }}

else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload();

}

MM_reloadPage(true);

//-->

</script>

 

<style type="text/css">

<!--

.Listmenu { background-color: #F26522;

}

-->

</style>

 

<link href="CSS/HRULE.css" rel="stylesheet" type="text/css">

<style type="text/css">

<!--

.style4 {

font-family: "Trebuchet MS";

color: #FFFFFF;

font-size: smaller;

}

.style6 {font-family: "Trebuchet MS"; color: #FFFFFF; font-size: smaller; font-weight: bold; }

.style7 {

font-size: xx-large;

font-family: "Trebuchet MS";

}

.style8 {

font-size: larger;

font-family: "Trebuchet MS";

}

.style9 {font-family: "Trebuchet MS"}

-->

</style>

 

</head>

 

<body>

<div id="Layer5" style="position:absolute; left:721px; top:66px; width:100px; height:19px; z-index:10"><span class="style6"><u>register.</u></span></div>

<div id="Layer2" style="position:absolute; left:8px; top:86px; width:121px; height:405px; z-index:1"><img src="Images/nav-long-nad-fixedjsafja.png" width="121" height="489" border="0" align="top" usemap="#Map">

<map name="Map">

<area shape="rect" coords="16,24,99,59" href="index.php">

</map>

</div>

<div id="Layer8" style="position:absolute; left:150px; top:480px; width:812px; height:34px; z-index:8">

<hr class="HRULE">

</div>

<div id="Layer3" class="style4" style="position:absolute; left:517px; top:66px; width:95px; height:17px; z-index:1;">

<div align="center"><u><strong>students login. </strong></u></div>

</div>

<div id="Layer4" class="style6" style="position:absolute; left:629px; top:66px; width:107px; height:17px; z-index:9"><u>tutors login. </u></div>

<div id="Layer6" style="position:absolute; left:326px; top:55px; width:268px; height:18px; z-index:11">

<p class="style7"><u>welcome student.</u></p>

</div>

<div id="Layer7" class="style8" style="position:absolute; left:305px; top:135px; width:293px; height:38px; z-index:12">

<div align="center">please login below to access your account information, tutor requests, and personal information. </div>

</div>

<div id="Layer9" style="position:absolute; left:361px; top:229px; width:289px; height:71px; z-index:13">

<form ACTION="<?php echo $loginFormAction; ?>" method="POST" name="username" id="username" >

<p>

<input name="studentuser" type="text" class="Listmenu" id="studentuser" maxlength="30">

</p>

<p>

<input name="studentpwd" type="password" class="Listmenu" id="studentpwd" maxlength="30">

</p>

<p>

<input name="Submit" type="submit" value="Login">

</p>

</form>

</div>

<div id="Layer10" class="style9" style="position:absolute; left:427px; top:244px; width:88px; height:17px; z-index:14">

<p>username.</p>

</div>

<div id="Layer11" class="style9" style="position:absolute; left:429px; top:300px; width:90px; height:20px; z-index:15">password.</div>

<img src="Images/Banner.png" width="993" height="78">

<div id="Layer1" style="position:absolute; left:10px; top:7px; width:995px; height:87px; z-index:3;"></div>

</body>

</html>

 

 

 

The code for the user info page is below:

 

<?php require_once('Connections/Test.php'); ?><?php

session_start();

 

$colname_Recordset1 = "1";

if (isset($_SESSION['MM_Username'])) {

$colname_Recordset1 = (get_magic_quotes_gpc()) ? $_SESSION['MM_Username'] : addslashes($_SESSION['MM_Username']);

}

mysql_select_db($database_Test, $Test);

$query_Recordset1 = sprintf("SELECT username, `State`, `First Name`, `Last Name`, Subject, City, Cost FROM users WHERE username = '%s'", $colname_Recordset1);

$Recordset1 = mysql_query($query_Recordset1, $Test) or die(mysql_error());

$row_Recordset1 = mysql_fetch_assoc($Recordset1);

$totalRows_Recordset1 = mysql_num_rows($Recordset1);

?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

<title>Untitled Document</title>

</head>

 

<body>

<table width="75%" border="1">

<tr>

<td><?php echo $row_Recordset1['username']; ?></td>

<td><?php echo $row_Recordset1['First Name']; ?></td>

<td> </td>

</tr>

<tr>

<td><?php echo $row_Recordset1['City']; ?></td>

<td> </td>

<td> </td>

</tr>

<tr>

<td> </td>

<td> </td>

<td> </td>

</tr>

</table>

 

</body>

</html>

<?php

mysql_free_result($Recordset1);

?>

 

Can somebody please tell me whats wrong??? I really need to make a user detail page to make my website run well. Somebody please guide me in the right direction. Thanks!

[alejandro]

Homer:

 

I rewrote your studentlogin.php

just change your php code for this one, if you modify the code in Dreamweaver, the help is gone.

this code is different from the one in Dreamweaver.

 

 

<?php

session_start();

?>

<?php require_once('Connections/Test.php'); ?>

<?php

$myLogin = "0";

if (isset($HTTP_POST_VARS['username'])) {

$myLogin = (get_magic_quotes_gpc()) ? $HTTP_POST_VARS['username'] : addslashes($HTTP_POST_VARS['username']);

}

$myPasswordLogin = "0";

if (isset($HTTP_POST_VARS['username'])) {

$myPasswordLogin = (get_magic_quotes_gpc()) ? $HTTP_POST_VARS['username'] : addslashes($HTTP_POST_VARS['username']);

}

mysql_select_db($database_Test, $Test);

 

$query_Login = sprintf("SELECT username, password FROM users WHERE username = '%s' AND password = '%s'", $myLogin,$myPasswordLogin);

$Login = mysql_query($query_Login, $Test) or die(mysql_error());

$row_Login = mysql_fetch_assoc($Login);

$Rows_Login = mysql_num_rows($Login);

 

 

if($HTTP_POST_VARS['action']=="login"){

if($Rows_Login==0){

$errorMessage = "Please verify your ID and password";

} else {

//set session variable

session_register("yourvar");

$HTTP_SESSION_VARS['yourvar'] = $HTTP_POST_VARS['username'];

header("Location: userpage.php");

}

}

mysql_free_result($Login);

?>

 

 

You can have as many session variables as you want as i did above (yourvar).

Please note the error message that is sending you if you are not the one.

 

 

Heres the code for your userpage.php

 

<?php require_once('Connections/Test.php'); ?>

<?php

// ***

// Just put this piece of code on every page you want to protect

// ***

session_start();

if(!isset($HTTP_SESSION_VARS['yourvar'])){

header("Location: fail.php");

}

?>

<?php

$colname_Recordset1 = "1";

if (isset($HTTP_SESSION_VARS['yourvar'])) {

$colname_Recordset1 = (get_magic_quotes_gpc()) ? $HTTP_SESSION_VARS['yourvar'] : addslashes($HTTP_SESSION_VARS['yourvar']);

}

mysql_select_db($database_Test, $Test);

$query_Recordset1 = sprintf("SELECT username, `state` FROM users WHERE username = '%s'", $colname_Recordset1);

$Recordset1 = mysql_query($query_Recordset1, $c3) or die(mysql_error());

$row_Recordset1 = mysql_fetch_assoc($Recordset1);

$totalRows_Recordset1 = mysql_num_rows($Recordset1);

 

 

?>

[alejandro]

The last part of my message got chopped off.

 

Please note that you must change the fieldnames and form names according to your database fields.

 

Change the recordset on the userpage to suit your needs in Dreamweaver.

 

Let me know if I can be of further assistance.

 

Have fun.

 

 

 

[homer2568]

Thanks for all your help. I am still having a problem however. When I enter in a username and a password and hit submit it doesnt take me to the userpage. I think you forgot to include in the code that it should do that. Also, about changing the naems of the forms/form fields to match the database, I am not exactly sure what you mean but I changed my username field to the name 'username' and the password one to 'password' which are both the names of the username and password columns in the database. What should I name my form though? Thanks again!

[alejandro]

Your form can have any name like form1 or whatever

 

Form fields:

username

password

 

MySql fields:

username

password

 

the code for redirecting is around line 28 of studentlogin.php

 

Do you get any error message when you run the studentlogin page?

if so check the names of your database and table, I may have changed them.

 

Let me know if you succed.

 

Sorry if you get this twice, but I'm new here.

 

 

[homer2568]

All that happens when I run the login page is I enter in a valid username and password and hit submit and then it just brings me back to the login page (it looks as if the page reloads). I don't know why this is....

[homer2568]

Almost forgot...the error message does not appear at all

[alejandro]

homer

 

Check your mail.

 

I have uploaded the two pages and they work ok.

 

 

 

[fparker3]

alejandro

 

I did not understand what I should substitute for the "yourvar" in the following script.

 

//set session variable

      session_register("yourvar");

      $HTTP_SESSION_VARS['yourvar'] = $HTTP_POST_VARS['username'];

      header("Location: userpage.php");

  }

[fparker3]

I figured it out. Thanks

 

Could you send me the files that you sent to Homer?

 

Thanks.