Jump to content

Using session variables in HTML form?

Moron

By Moron
in PHP Coding Help

Recommended Posts

Moron Regular Member

Moron

Posted
Posted
I have a php "results" page that works great ater a user enters their username and password. But...I want to trigger the next page without them having to re-enter their username and password.

At the top of all my pages, I have a session established:

[code]
<?php
header('Content-Type: image/jpeg');
session_start();
$_SESSION['empcode'] = $empcode;
$_SESSION['middle'] = $middle;
$_SESSION['firstname'] = $firstname;
$_SESSION['lastname'] = $lastname;
$_SESSION['leavehours'] = $leavehours;
$_SESSION['password'] = $password;
?>[/code]

But I can't seem to get these variables to pass on to the next page.

I'm using:

[code]
<input name="<?php $password ?>" type="hidden"><BR>
<input name="<?php $empcode ?>" type="hidden"><BR> [/code]

It no worky. So what am I doing wrong?

Link to comment
https://forums.phpfreaks.com/topic/28751-using-session-variables-in-html-form/
Share on other sites
kenrbnsn Regular Member

kenrbnsn

Posted
Posted
You're code is incorrect. Try something like this:
[code]
<input type="hidden" name="password" value="<?php echo $password ?>">
<input type="hidden" name="empcode" value="<?php echo $empcode ?>">
[/code]

But why are you using hidden fields when the values are already in the SESSION?

Ken
The Little Guy Prolific Member

The Little Guy

Posted
Posted
Here is how I usually do my login pages
[code]<?php
include"db.php";//include database
$email = addslashes($_POST['user_email']);//set email/username var
$pass = addslashes($_POST['user_password']);//set password var
$sql = mysql_query("SELECT * FROM users WHERE email='$email' AND password='$pass'");//search database
$row = mysql_fetch_array($sql);//return a row
if(isset($_POST['submit']) && ($row)){//if post was set, and a row was returned set sessions
session_start();
$_SESSION['email'] = $row['email'];
$_SESSION['first'] = $row['first'];
$_SESSION['last'] = $row['last'];
$_SESSION['zip'] = $row['zip'];
$_SESSION['city'] = $row['city'];
$_SESSION['gender'] = $row['gender'];
$_SESSION['DOB'] = $row['DOB'];
$_SESSION['userid'] = $row['user_id'];
$_SESSION['loggedin'] = 1;
$date = date("m-d-Y");
mysql_query("UPDATE users SET last_login='$date' WHERE user_id='$_SESSION[userid]'")or die(mysql_error());
header("Location: user.php");//Redirect to users page
}else{//else destroy any session made
session_start();
$_SESSION = array();
if (isset($_COOKIE[session_name()])) {
  setcookie(session_name(), '', time()-42000, '/');
}
session_destroy();
header("Location: index.php");//redirect back to the login page
}
?>[/code]

for every page that is a "Logged in Users" page, you MUST have session_start() at the top otherwise it wont work as a users page.
Moron Regular Member

Moron

Posted
  • Author
Posted
[quote author=kenrbnsn link=topic=116597.msg475136#msg475136 date=1164733632]
You're code is incorrect. Try something like this:
[code]
<input type="hidden" name="password" value="<?php echo $password ?>">
<input type="hidden" name="empcode" value="<?php echo $empcode ?>">
[/code]

But why are you using hidden fields when the values are already in the SESSION?

Ken
[/quote]

I tried this, but the query still crashes. Using your code suggestions, my form is as follows:

[code]<tr>
<td align=right>
<form action="paystubresults.php" name="paystubs" method="post">

</td>
<td align=left>
<input type="hidden" name="password" value="<?php echo $password ?>">
<input type="hidden" name="empcode" value="<?php echo $empcode ?>">

</td>
</tr>
<tr>
<td align=right>
</td>
<td align=left>
</td>
</tr>
<tr>
<td align=center colspan=2><BR>
<input type="submit"/ value="Paystubs">
</form>
</td>
</tr>

[/code]
Moron Regular Member

Moron

Posted
  • Author
Posted
[quote author=The Little Guy link=topic=116597.msg475142#msg475142 date=1164733890]
for every page that is a "Logged in Users" page, you MUST have session_start() at the top otherwise it wont work as a users page.
[/quote]

I have that same session_start() section at the top of every page involved, using the same variables.

Good thought, though.
Moron Regular Member

Moron

Posted
  • Author
Posted
[quote author=kenrbnsn link=topic=116597.msg475136#msg475136 date=1164733632]

But why are you using hidden fields when the values are already in the SESSION?

Ken
[/quote]

I'll refer you to my user name..... :D

I'm a beginner to PHP. So what would be a better way to make a Submit button to hit the other page? It's still not working. The query dies and says "invalid username and password."


roopurt18 Advanced Member

roopurt18

Posted
Posted
Well, sessions are used to store values across pages transparently to the user.  If you already have values in the session, there is no need to include them in a form in a hidden field.

Now if you wanted to give the user a chance to change those values with the form, it'd be a different matter altogether.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.