Jump to content

Sessions


Garcia

Recommended Posts

I am trying to retrieve the user id of a member from my login page, but I do not know how set the variable and retrieve it on that page.

Log In:

[code]
<?php
//login page
session_start();
session_register("username", "id", "gid");
require ("config.php");

//if entered blank form returns error
foreach ($_POST as $field => $value)
{
          if ($value == "")
                {
                  $blanks[] = $field;
                }
}

if (isset ($blanks) )
{
        $message = "Following fields are blank. Please enter the required information:  ";
        foreach ($blanks as $value)
        {
                $message .= "$value, ";
        }
        extract ($_POST);
        include ('login_form.php');
        exit();
}

//Define variables.
$username = trim($_POST['username']);
$password = trim($_POST['password']);

//time to select information
$sql ="SELECT `username`,`password`, `id`, 'gid' FROM members WHERE username = '$username' AND password = md5('$password')";
$result = mysql_query($sql, $con);
$row = mysql_fetch_assoc($result);
mysql_error();

//We check if username and password is correct
$num = mysql_numrows ($result);
if ($num != 0)
{
        print "Welcome $username - your log-in succeeded!";
}
else
{
        print "Wrong username or password";
}

?>
[/code]

Here is the page where I want the sessions to appear. Now would I need to start a query to receive the users id and if I did how would I accomplish this?

[code]
<?php
require ('config.php');
session_start();
header("Cache-control: no-cache");

print $username;

print $id; //Not sure how to set this one up


?>
[/code]

Any help would be appreciated.

Thanks!
Link to comment
https://forums.phpfreaks.com/topic/34940-sessions/
Share on other sites

Get rid of the session_register(); and use the super global $_SESSION

So change this

[code]if ($num != 0)
{
        print "Welcome $username - your log-in succeeded!";[/code]


to this...

[code]if ($num != 0)
{
$_SESSION['username'] = $username;
$_SESSION['id'] = $row['id'];
$_SESSION['gid'] = $row['gid'];

        print "Welcome " . $_SESSION['username'] . " - your log-in succeeded!";[/code]


Then on your service pages!

[code]<?php
require ('config.php');
session_start();
header("Cache-control: no-cache");

if ( ! isset ( $_SESSION['username'] ) )
{
header ( 'Location: http://www.site.com/login_or_error.php' );
exit ();
}

// continue, logged in user

print $_SESSION['username'];

print '<br />';

print $_SESSION['id']; //Not sure how to set this one up


?> [/code]

printf
Link to comment
https://forums.phpfreaks.com/topic/34940-sessions/#findComment-164771
Share on other sites

Things are done using logic. Think of it this way.

You want to login someone in, so the person attempting the login supplies a (USERNAME, PASSWORD), so do you need to SELECT (USERNAME, PASSWORD) in the query, NO! Why, because you already have them. So the query should only SELECT what you need ( id, gid ).

printf
Link to comment
https://forums.phpfreaks.com/topic/34940-sessions/#findComment-164777
Share on other sites

Thanks all...

I get the username, and the id, but the gid displays simply 'gid' . I have the value 1 automatically set as default in the table for gid. 1 would equal the member's group.

Here is my updated codes.

Log In Script :

[code]
<?php
//login page
session_start();
session_register("username", "id", "gid");
require ("config.php");

//if entered blank form returns error
foreach ($_POST as $field => $value)
{
  if ($value == "")
{
  $blanks[] = $field;
}
}

if (isset ($blanks) )
{
$message = "Following fields are blank. Please enter the required information:  ";
foreach ($blanks as $value)
{
$message .= "$value, ";
}
extract ($_POST);
include ('login_form.php');
exit();
}

//Define variables.
$username = trim($_POST['username']);
$password = trim($_POST['password']);

//time to select information
$sql ="SELECT `username`,`password`, `id`, 'gid' FROM members WHERE username = '$username' AND password = md5('$password')";
$result = mysql_query($sql, $con);
$row = mysql_fetch_assoc($result);
mysql_error();

//We check if username and password is correct
$num = mysql_numrows ($result);
if ($num != 0)
{
$_SESSION['username'] = $username;
$_SESSION['id'] = $row['id'];
$_SESSION['gid'] = $row['gid'];

        print "Welcome " . $_SESSION['username'] . " - your log-in succeeded!";
}
else
{
print "Wrong username or password";
}

?>
[/code]

Here is where I am viewing / protecting the page.

[code]
<?php
require ('config.php');
session_start();
header("Cache-control: no-cache");

if ( ! isset ( $_SESSION['username'] ) )
{
header ( 'Location: login_form.php' );
exit ();
}

// continue, logged in user

print $_SESSION['username'];

print '<br />';

print $_SESSION['id'];

print '<br />';

print $_SESSION['gid'];

print '<br />';

if ( $_SESSION['gid'] == '1')
{
print "Authorized";
}
else
{
print "Not authorized";
}



?>
[/code]
The output for the IF statement shows Not Authorized but it should say Authorized.

Any help? Thanks :).
Link to comment
https://forums.phpfreaks.com/topic/34940-sessions/#findComment-164813
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.