Jump to content

MySQL Query Issue


Agold

Recommended Posts

Alright so I have a database table of users set up that creates a unique member_id for each new registered user. I then have a second table that stores data entries that also has a member_id field. When the users are logged in, they can enter a new entry into this second table. The problem I'm having is that when the entry is written into the database, the member_id field always comes up as "0." I'm using the session variables to pass the member_id to the query. Here's the code:

 

        //Create Member Session Variables
$memberID = $_SESSION['SESS_MEMBER_ID'];

//Create INSERT query
$qry = "INSERT INTO userBars(member_id, barName, barAddress, barCity, barState, barZip) VALUES('$memberID','$ename','$street','$city','$state','$zipcode')";
$result = @mysql_query($qry);

//Check whether the query was successful or not
if($result) {
	header("location: register-success.php");
	exit();
}else {
	die("Query failed");
}

 

 

When I echo the $memberID var I do in fact get the member_id, but when this script writes into the database, the member_id field is always set to "0." Anyone have any ideas as to why this might happen?

 

Link to comment
Share on other sites

session_start is only called at the log in page, I then use an auth.php script at the beginning of each client page to ensure the user is logged in and a session is running.

 

I modified the code as you stated and I still have the same problem. I even just changed the MySQL field to a char and I still get 0. This is really baffling me right now. I have the member_id echo'd at the top of the form just to be sure it's there in the session.

Link to comment
Share on other sites

Here's my login script:

 

<?php

//Start session

session_start();

 

//Include database connection details

require_once("$DOCUMENT_ROOT/../SQLlogin.php");

 

//Array to store validation errors

$errmsg_arr = array();

 

//Validation error flag

$errflag = false;

 

//Connect to mysql server

$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);

if(!$link) {

die('Failed to connect to server: ' . mysql_error());

}

 

//Select database

$db = mysql_select_db(DB_DATABASE);

if(!$db) {

die("Unable to select database");

}

 

//Function to sanitize values received from the form. Prevents SQL injection

function clean($str) {

$str = @trim($str);

if(get_magic_quotes_gpc()) {

$str = stripslashes($str);

}

return mysql_real_escape_string($str);

}

 

//Sanitize the POST values

$login = clean($_POST['login']);

$password = clean($_POST['password']);

 

//Input Validations

if($login == '') {

$errmsg_arr[] = 'Login ID missing';

$errflag = true;

}

if($password == '') {

$errmsg_arr[] = 'Password missing';

$errflag = true;

}

 

//If there are input validations, redirect back to the login form

if($errflag) {

$_SESSION['ERRMSG_ARR'] = $errmsg_arr;

session_write_close();

header("location: client_login.php");

exit();

}

 

//Create query

$qry="SELECT * FROM clients WHERE login='$login' AND passwd='".md5($_POST['password'])."'";

$result=mysql_query($qry);

 

//Check whether the query was successful or not

if($result) {

if(mysql_num_rows($result) == 1) {

//Login Successful

session_regenerate_id();

$member = mysql_fetch_assoc($result);

$_SESSION['SESS_MEMBER_ID'] = $member['member_id'];

$_SESSION['SESS_FIRST_NAME'] = $member['firstname'];

$_SESSION['SESS_LAST_NAME'] = $member['lastname'];

session_write_close();

header("location: client_homepage.php");

exit();

}else {

//Login failed

header("location: login-failed.php");

exit();

}

}else {

die("Query failed");

}

?>

 

Everytime I echo $_SESSION['SESS_MEMBER_ID'] i get the member id, but for some reason it doesn't want to enter it in the query.

Link to comment
Share on other sites

Fixed, I've been confused by what session_start does I guess. I did not include it in this script thinking it restarts the session, but it appears it doesn't continue the session if I don't include it in every script? I should have known as the auth.php script has session start in it as well.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.