Jump to content

[SOLVED] dynamic urls destroying my session variables HELP please!

validkeys

By validkeys
in PHP Coding Help

 Share

Recommended Posts

validkeys Member

validkeys

Posted
Posted

here is the user auth script i am using. i have this in a file called accesscontrol.php that  I include at the top of every page. If i am not logged in and put a URL in my browser like localhost/artist.php?artistid=16. It takes me to the login screen, i log in and then it takes me to localhost/artist.php?artistid=17 it takes me back to the login screen and no longer has my session variables registered.

 

Here's the code. What am I doing wrong?

 

Thanks

 

<?php
    include_once("functions/db/db1config.php");
include_once("functions/db/connect.php");

session_start();


//		condition           ? if true       :   if not true
$uname = isset($_POST['uname']) ? $_POST['uname'] : $_SESSION['uname'];
$pwd = isset($_POST['pwd']) ? $_POST['pwd'] : $_SESSION['pwd'];
$uid = isset($_POST['uid']) ? $_POST['uid'] : $_SESSION['uid'];

if(!isset($uname)) {
include("top.php");
include("leftad.php");
include("header.php");
include("topadbar.php");	
?>
<div id="accesscontainer" class="maincontent">	
<div id="loginform">
           
         //my login form

</div>

<div id="accessbody">
 	<div id="welcomeheader">Welcome to Company</div>
 <p>You must log in to access this area of the site. If you are
    not a registered user, <a href="signup.php">click here</a>
    to sign up for instant access!</p>
</div>
<div id="clearme"></div>
</div>
<?php
include("footer.php");
include("rightad.php");
include("closer.php");
exit;
}

$_SESSION['uname'] = $uname;
$_SESSION['pwd'] = $pwd;


$sql = "SELECT * FROM USER_AUTH WHERE
       USER_EMAIL = '$uname' AND USER_PASS = md5('$pwd')";
$result = mysql_query($sql);
if (!$result) {
error('A database error occurred while checking your '.
       'login details.\\nIfhis error persists, please '.
       'contact you@example.com.');
}

if (mysql_num_rows($result) == 0) {
unset($_SESSION['uname']);
unset($_SESSION['pwd']);
unset($_SESSION['uid']);

include("top.php");
include("leftad.php");
include("header.php");
include("topadbar.php");
?>

<div id="accesscontainer" class="maincontent">
<div id="loginform">

             //my login form

</div>

<div id="accessbody">
	 	<div id="welcomeheader">Access Denied</div>
			 <p>Your user ID or password is incorrect, or you are not a
			    registered user on this site. To try logging in again, click
			    <a href="<?=$_SERVER['PHP_SELF']?>">here</a>. To register for instant
			    access, click <a href="signup.php">here</a>.</p>
</div>
</div>

<?php
include("footer.php");
include("rightad.php");
include("closer.php");
exit;
}



$uname = mysql_result($result,0,'USER_FNAME');
$_SESSION['uid'] = 	mysql_result($result,0,'USER_ID');
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.