Agold Posted April 6, 2011 Share Posted April 6, 2011 Alright so I have a database table of users set up that creates a unique member_id for each new registered user. I then have a second table that stores data entries that also has a member_id field. When the users are logged in, they can enter a new entry into this second table. The problem I'm having is that when the entry is written into the database, the member_id field always comes up as "0." I'm using the session variables to pass the member_id to the query. Here's the code: //Create Member Session Variables $memberID = $_SESSION['SESS_MEMBER_ID']; //Create INSERT query $qry = "INSERT INTO userBars(member_id, barName, barAddress, barCity, barState, barZip) VALUES('$memberID','$ename','$street','$city','$state','$zipcode')"; $result = @mysql_query($qry); //Check whether the query was successful or not if($result) { header("location: register-success.php"); exit(); }else { die("Query failed"); } When I echo the $memberID var I do in fact get the member_id, but when this script writes into the database, the member_id field is always set to "0." Anyone have any ideas as to why this might happen? Quote Link to comment Share on other sites More sharing options...
SamT_ Posted April 6, 2011 Share Posted April 6, 2011 Remove the quotes around $memberID in your query and be sure to cast it as an int when you create it, i.e. $memberID = (int) $_SESSION['SESS_MEMBER_ID']; Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted April 6, 2011 Share Posted April 6, 2011 Is session_start() called in both this script, and the one that assigns the value to the $_SESSION variable? Quote Link to comment Share on other sites More sharing options...
Agold Posted April 6, 2011 Author Share Posted April 6, 2011 session_start is only called at the log in page, I then use an auth.php script at the beginning of each client page to ensure the user is logged in and a session is running. I modified the code as you stated and I still have the same problem. I even just changed the MySQL field to a char and I still get 0. This is really baffling me right now. I have the member_id echo'd at the top of the form just to be sure it's there in the session. Quote Link to comment Share on other sites More sharing options...
Agold Posted April 6, 2011 Author Share Posted April 6, 2011 Here's my login script: <?php //Start session session_start(); //Include database connection details require_once("$DOCUMENT_ROOT/../SQLlogin.php"); //Array to store validation errors $errmsg_arr = array(); //Validation error flag $errflag = false; //Connect to mysql server $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } //Select database $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } //Function to sanitize values received from the form. Prevents SQL injection function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } //Sanitize the POST values $login = clean($_POST['login']); $password = clean($_POST['password']); //Input Validations if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } //If there are input validations, redirect back to the login form if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: client_login.php"); exit(); } //Create query $qry="SELECT * FROM clients WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); //Check whether the query was successful or not if($result) { if(mysql_num_rows($result) == 1) { //Login Successful session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['member_id']; $_SESSION['SESS_FIRST_NAME'] = $member['firstname']; $_SESSION['SESS_LAST_NAME'] = $member['lastname']; session_write_close(); header("location: client_homepage.php"); exit(); }else { //Login failed header("location: login-failed.php"); exit(); } }else { die("Query failed"); } ?> Everytime I echo $_SESSION['SESS_MEMBER_ID'] i get the member id, but for some reason it doesn't want to enter it in the query. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted April 6, 2011 Share Posted April 6, 2011 What is the format of member_id? Is in an integer, string, or . . . ? What is the data type of the field in the database, and is it set to a large enough size? Quote Link to comment Share on other sites More sharing options...
Agold Posted April 6, 2011 Author Share Posted April 6, 2011 I've had it set to both int(11) and char(11), neither seems to work. Quote Link to comment Share on other sites More sharing options...
Agold Posted April 6, 2011 Author Share Posted April 6, 2011 Hmmm something must be going on with the session because when I echo it after running the script, it's set to 0. Quote Link to comment Share on other sites More sharing options...
Agold Posted April 6, 2011 Author Share Posted April 6, 2011 Fixed, I've been confused by what session_start does I guess. I did not include it in this script thinking it restarts the session, but it appears it doesn't continue the session if I don't include it in every script? I should have known as the auth.php script has session start in it as well. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted April 6, 2011 Share Posted April 6, 2011 That's why I asked. You need to call session_start() in any script that will access $_SESSION vars. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.