Jump to content

Sessions


Garcia

Recommended Posts

I am trying to retrieve the user id of a member from my login page, but I do not know how set the variable and retrieve it on that page.

Log In:

[code]
<?php
//login page
session_start();
session_register("username", "id", "gid");
require ("config.php");

//if entered blank form returns error
foreach ($_POST as $field => $value)
{
          if ($value == "")
                {
                  $blanks[] = $field;
                }
}

if (isset ($blanks) )
{
        $message = "Following fields are blank. Please enter the required information:  ";
        foreach ($blanks as $value)
        {
                $message .= "$value, ";
        }
        extract ($_POST);
        include ('login_form.php');
        exit();
}

//Define variables.
$username = trim($_POST['username']);
$password = trim($_POST['password']);

//time to select information
$sql ="SELECT `username`,`password`, `id`, 'gid' FROM members WHERE username = '$username' AND password = md5('$password')";
$result = mysql_query($sql, $con);
$row = mysql_fetch_assoc($result);
mysql_error();

//We check if username and password is correct
$num = mysql_numrows ($result);
if ($num != 0)
{
        print "Welcome $username - your log-in succeeded!";
}
else
{
        print "Wrong username or password";
}

?>
[/code]

Here is the page where I want the sessions to appear. Now would I need to start a query to receive the users id and if I did how would I accomplish this?

[code]
<?php
require ('config.php');
session_start();
header("Cache-control: no-cache");

print $username;

print $id; //Not sure how to set this one up


?>
[/code]

Any help would be appreciated.

Thanks!
Link to comment
Share on other sites

Get rid of the session_register(); and use the super global $_SESSION

So change this

[code]if ($num != 0)
{
        print "Welcome $username - your log-in succeeded!";[/code]


to this...

[code]if ($num != 0)
{
$_SESSION['username'] = $username;
$_SESSION['id'] = $row['id'];
$_SESSION['gid'] = $row['gid'];

        print "Welcome " . $_SESSION['username'] . " - your log-in succeeded!";[/code]


Then on your service pages!

[code]<?php
require ('config.php');
session_start();
header("Cache-control: no-cache");

if ( ! isset ( $_SESSION['username'] ) )
{
header ( 'Location: http://www.site.com/login_or_error.php' );
exit ();
}

// continue, logged in user

print $_SESSION['username'];

print '<br />';

print $_SESSION['id']; //Not sure how to set this one up


?> [/code]

printf
Link to comment
Share on other sites

Things are done using logic. Think of it this way.

You want to login someone in, so the person attempting the login supplies a (USERNAME, PASSWORD), so do you need to SELECT (USERNAME, PASSWORD) in the query, NO! Why, because you already have them. So the query should only SELECT what you need ( id, gid ).

printf
Link to comment
Share on other sites

Thanks all...

I get the username, and the id, but the gid displays simply 'gid' . I have the value 1 automatically set as default in the table for gid. 1 would equal the member's group.

Here is my updated codes.

Log In Script :

[code]
<?php
//login page
session_start();
session_register("username", "id", "gid");
require ("config.php");

//if entered blank form returns error
foreach ($_POST as $field => $value)
{
  if ($value == "")
{
  $blanks[] = $field;
}
}

if (isset ($blanks) )
{
$message = "Following fields are blank. Please enter the required information:  ";
foreach ($blanks as $value)
{
$message .= "$value, ";
}
extract ($_POST);
include ('login_form.php');
exit();
}

//Define variables.
$username = trim($_POST['username']);
$password = trim($_POST['password']);

//time to select information
$sql ="SELECT `username`,`password`, `id`, 'gid' FROM members WHERE username = '$username' AND password = md5('$password')";
$result = mysql_query($sql, $con);
$row = mysql_fetch_assoc($result);
mysql_error();

//We check if username and password is correct
$num = mysql_numrows ($result);
if ($num != 0)
{
$_SESSION['username'] = $username;
$_SESSION['id'] = $row['id'];
$_SESSION['gid'] = $row['gid'];

        print "Welcome " . $_SESSION['username'] . " - your log-in succeeded!";
}
else
{
print "Wrong username or password";
}

?>
[/code]

Here is where I am viewing / protecting the page.

[code]
<?php
require ('config.php');
session_start();
header("Cache-control: no-cache");

if ( ! isset ( $_SESSION['username'] ) )
{
header ( 'Location: login_form.php' );
exit ();
}

// continue, logged in user

print $_SESSION['username'];

print '<br />';

print $_SESSION['id'];

print '<br />';

print $_SESSION['gid'];

print '<br />';

if ( $_SESSION['gid'] == '1')
{
print "Authorized";
}
else
{
print "Not authorized";
}



?>
[/code]
The output for the IF statement shows Not Authorized but it should say Authorized.

Any help? Thanks :).
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.