Jump to content

Sessions are confusing me

Noskiw

By Noskiw
in PHP Coding Help

 Share

Recommended Posts

Noskiw Regular Member

Noskiw

Posted
Posted

I'm trying to create a login script that keeps the user logged in until computer shut down. So far it is successful. But when I try to add the member ID on to the page. It just doesn't show up. I've tried to save the ID in the form of a session .

 

<?php
    
$username = $_POST['username'];
$password = $_POST['password'];

echo "<br />";

if($_POST['submit']){
    if($username||$firstname && $lastname && $password){
        $sql = "SELECT * FROM users WHERE username='".$username."' && id='".$id."'";
        $res = mysql_query($sql) or die(mysql_error());
        
        $numrows = mysql_num_rows($res);
        
        if($numrows != 0){
            while($row = mysql_fetch_assoc($res)){
                $dbusername = $row['username'];
                $dbpassword = $row['password'];
                $dbfirstname = $row['first Name'];
                $dblastname = $row['last Name'];
                $id = $row['id'];
            }
            
            if($username==$dbusername && md5($password)==$dbpassword){
                echo "You're now <b>Logged In</b> Click <a href='index.php?p=member'><b>here</b></a> to enter the member page!";
                $_SESSION['username']=$username;
                $_SESSION['first Name']=$dbfirstname;
                $_SESSION['last Name']=$dblastname;
                $_SESSION['id']=$id;
            }else{
                echo "Incorrect password!";
            }
            
        }else{
            echo "That user <b>doesn't</b> exist!";
        }
        
    }else{
        echo "Please <b>enter</b> a username and a password!";
    }
}

if(!$_POST['submit']){

?>

<form action="index.php?p=login" method="POST">

    <table>
    
        <h1>Login</h1>
        
        <tr><td>Username: </td><td><input type="text" name="username" /></td></tr>
        <tr><td>Password: </td><td><input type="password" name="password" /></td></tr>
        <tr><td><input type="submit" name="submit" value="Login" /></td></tr>
    
    </table>

</form>

<?php

}

?>

Link to comment
https://forums.phpfreaks.com/topic/203852-sessions-are-confusing-me/
Share on other sites
Noskiw Regular Member

Noskiw

Posted
  • Author
Posted

I've taken out the $firstname and $lastname.

 

This is my code now

 

<?php
    
$username = $_POST['username'];
$password = $_POST['password'];
$id = $_GET['id'];

echo "<br />";

if($_POST['submit']){
    if($username && $password){
        $sql = "SELECT * FROM users WHERE username='".$username."' && id='".$id."'";
        $res = mysql_query($sql) or die(mysql_error());
        
        $numrows = mysql_num_rows($res);
        
        if($numrows != 0){
            while($row = mysql_fetch_assoc($res)){
                $dbusername = $row['username'];
                $dbpassword = $row['password'];
                $dbfirstname = $row['first Name'];
                $dblastname = $row['last Name'];
                $id = $row['id'];
            }
            
            if($username==$dbusername && md5($password)==$dbpassword){
                echo "You're now <b>Logged In</b> Click <a href='index.php?p=member'><b>here</b></a> to enter the member page!";
                $_SESSION['username']=$username;
                $_SESSION['first Name']=$dbfirstname;
                $_SESSION['last Name']=$dblastname;
                $_SESSION['id']=$id;
            }else{
                echo "Incorrect password!";
            }
            
        }else{
            echo "That user <b>doesn't</b> exist!";
        }
        
    }else{
        echo "Please <b>enter</b> a username and a password!";
    }
}

if(!$_POST['submit']){

?>

<form action="index.php?p=login" method="POST">

    <table>
    
        <h1>Login</h1>
        
        <tr><td>Username: </td><td><input type="text" name="username" /></td></tr>
        <tr><td>Password: </td><td><input type="password" name="password" /></td></tr>
        <tr><td><input type="submit" name="submit" value="Login" /></td></tr>
    
    </table>

</form>

<?php

}

?>

 

I have no idea where to assign the $id.

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

I've got a more basic question for you. Why did you add  && id='".$id."' to the query in your login code that is checking if the entered username is in your database table?

 

Computers only do exactly what their code and data tells them to do. If you cannot state why and where you are going to do something, you cannot write any code to accomplish it.

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

Provided you have a column named id and you are actually being logged in (the 'You're now Logged In' is being echoed) so you know that the code setting the session variables is being executed, your existing code -

 

....
$id = $row['id'];
....
$_SESSION['id']=$id;
....

 

should be setting $_SESSION['id'] with the id from the user's row in your table when the user logs in.

 

How do you know it is not? What is your code that is trying to use that information and what exact symptoms are you getting that tells you there is no value?

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.