Jump to content

Recommended Posts

The last query error you posted is because $_SESSION['ID'] is empty. Putting quotes around it is just hiding the problem by making it an empty string instead of an empty numerical value.

 

In reply #21 in this thread, Pikachu2000 posted a suggestion for forming your query in a php variable and then using some error checking and error reporting logic that would display the query when a query error occurs. You should do this for every query in your code.

 

As to why the session variable is empty, you are likely missing a session_start() statement or are getting a session_start() error on either one or both the page that is setting the session variable or on the page that is using the session variable.

 

If you were developing and debugging your php code on a system with error_reporting set to E_ALL and display_errors set to ON so that all the php detected errors get reported and displayed, php will help you. You will also save a TON of time.

 

 

In case you don't have log in and sessions working you can try this.

<?php
require_once 'database.php';
$username = mysqli_real_escape_string($_POST['user']);

$queryA = "SELECT ID,level FROM user WHERE username = '".$username."' AND password = '".$_POST['pass']."'";   $resultA = mysql_query($queryA);
   $query_dataA = mysql_fetch_row($resultA);

      IF (!$query_dataA[0]) {
  $error = "You have submited an incorrect login and password combination.  Please try again...."; 
      }
   ELSE {
      session_start();

      $_SESSION['user_id']=$query_dataA[0];            
      $_SESSION['level']=$query_dataA[1];
IF ($_SESSION['level']==1){    
header("location:indexn.php");      
} 
IF ($_SESSION['level']==9){    
header("location:indexa.php");       
}           
}
//Assuming this is part of the login page echo error within content
IF (isset($error)) { echo "<p><b>$error</b>"; }

  You can then pick up the user ID at the top of any page which you can use for query's etc.

$userID=$_SESSION['user_id']; 

This might at least help sort out the user id issue.  Not sure if the space around your equals sign might have been giving you problems as well so I tightened them up below.

mysql_query(" UPDATE studenti SET $kol='$k1D' WHERE ID=$userID");

 

i got this error when using your code :

 

Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in /.../login2.php on line 3

If your session is truly an integer, you do not need to wtapit in single quotes in your query. Have you tried echoing the session before use in your query, to make sure it is the value that you want

 

yes, i've echo it and it's empty value ???

IT WORKS NOW !!  :D

 

that " Mysqli_real_escape_string() expects 2 parameters " error  i was getting when i used code from Drummin.. i put back old one and just correct some syntax mistakes and now it works !!

 

Thank you guys for your help and time, i'm beginner but i can tell that PHP is very powerfull, i got a lot to learn and i hope i would..

I have some more questions but i will start another topic

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.