Jump to content

Sessions

Garcia

By Garcia
in PHP Coding Help

Recommended Posts

Garcia Member

Garcia

Posted
Posted
I am trying to retrieve the user id of a member from my login page, but I do not know how set the variable and retrieve it on that page.

Log In:

[code]
<?php
//login page
session_start();
session_register("username", "id", "gid");
require ("config.php");

//if entered blank form returns error
foreach ($_POST as $field => $value)
{
          if ($value == "")
                {
                  $blanks[] = $field;
                }
}

if (isset ($blanks) )
{
        $message = "Following fields are blank. Please enter the required information:  ";
        foreach ($blanks as $value)
        {
                $message .= "$value, ";
        }
        extract ($_POST);
        include ('login_form.php');
        exit();
}

//Define variables.
$username = trim($_POST['username']);
$password = trim($_POST['password']);

//time to select information
$sql ="SELECT `username`,`password`, `id`, 'gid' FROM members WHERE username = '$username' AND password = md5('$password')";
$result = mysql_query($sql, $con);
$row = mysql_fetch_assoc($result);
mysql_error();

//We check if username and password is correct
$num = mysql_numrows ($result);
if ($num != 0)
{
        print "Welcome $username - your log-in succeeded!";
}
else
{
        print "Wrong username or password";
}

?>
[/code]

Here is the page where I want the sessions to appear. Now would I need to start a query to receive the users id and if I did how would I accomplish this?

[code]
<?php
require ('config.php');
session_start();
header("Cache-control: no-cache");

print $username;

print $id; //Not sure how to set this one up


?>
[/code]

Any help would be appreciated.

Thanks!
Link to comment
https://forums.phpfreaks.com/topic/34940-sessions/
Share on other sites
printf Newbie

printf

Posted
Posted
Get rid of the session_register(); and use the super global $_SESSION

So change this

[code]if ($num != 0)
{
        print "Welcome $username - your log-in succeeded!";[/code]


to this...

[code]if ($num != 0)
{
$_SESSION['username'] = $username;
$_SESSION['id'] = $row['id'];
$_SESSION['gid'] = $row['gid'];

        print "Welcome " . $_SESSION['username'] . " - your log-in succeeded!";[/code]


Then on your service pages!

[code]<?php
require ('config.php');
session_start();
header("Cache-control: no-cache");

if ( ! isset ( $_SESSION['username'] ) )
{
header ( 'Location: http://www.site.com/login_or_error.php' );
exit ();
}

// continue, logged in user

print $_SESSION['username'];

print '<br />';

print $_SESSION['id']; //Not sure how to set this one up


?> [/code]

printf
Link to comment
https://forums.phpfreaks.com/topic/34940-sessions/#findComment-164771
Share on other sites
printf Newbie

printf

Posted
Posted
Things are done using logic. Think of it this way.

You want to login someone in, so the person attempting the login supplies a (USERNAME, PASSWORD), so do you need to SELECT (USERNAME, PASSWORD) in the query, NO! Why, because you already have them. So the query should only SELECT what you need ( id, gid ).

printf
Link to comment
https://forums.phpfreaks.com/topic/34940-sessions/#findComment-164777
Share on other sites
Garcia Member

Garcia

Posted
  • Author
Posted
Thanks all...

I get the username, and the id, but the gid displays simply 'gid' . I have the value 1 automatically set as default in the table for gid. 1 would equal the member's group.

Here is my updated codes.

Log In Script :

[code]
<?php
//login page
session_start();
session_register("username", "id", "gid");
require ("config.php");

//if entered blank form returns error
foreach ($_POST as $field => $value)
{
  if ($value == "")
{
  $blanks[] = $field;
}
}

if (isset ($blanks) )
{
$message = "Following fields are blank. Please enter the required information:  ";
foreach ($blanks as $value)
{
$message .= "$value, ";
}
extract ($_POST);
include ('login_form.php');
exit();
}

//Define variables.
$username = trim($_POST['username']);
$password = trim($_POST['password']);

//time to select information
$sql ="SELECT `username`,`password`, `id`, 'gid' FROM members WHERE username = '$username' AND password = md5('$password')";
$result = mysql_query($sql, $con);
$row = mysql_fetch_assoc($result);
mysql_error();

//We check if username and password is correct
$num = mysql_numrows ($result);
if ($num != 0)
{
$_SESSION['username'] = $username;
$_SESSION['id'] = $row['id'];
$_SESSION['gid'] = $row['gid'];

        print "Welcome " . $_SESSION['username'] . " - your log-in succeeded!";
}
else
{
print "Wrong username or password";
}

?>
[/code]

Here is where I am viewing / protecting the page.

[code]
<?php
require ('config.php');
session_start();
header("Cache-control: no-cache");

if ( ! isset ( $_SESSION['username'] ) )
{
header ( 'Location: login_form.php' );
exit ();
}

// continue, logged in user

print $_SESSION['username'];

print '<br />';

print $_SESSION['id'];

print '<br />';

print $_SESSION['gid'];

print '<br />';

if ( $_SESSION['gid'] == '1')
{
print "Authorized";
}
else
{
print "Not authorized";
}



?>
[/code]
The output for the IF statement shows Not Authorized but it should say Authorized.

Any help? Thanks :).
Link to comment
https://forums.phpfreaks.com/topic/34940-sessions/#findComment-164813
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.