$_session Probelms

[proctk]

Hi

I used the tutorial from this web site to create a membership. I trying to you a value that was set using session s on page one and call it on page 2, I'm having no luck making this work

Code to set the sessions

Note "echo($username);" (bold in second part of code) calls the username name to login to my database ??????
[code]
<html>
<head>
<title>Secure Login Page</title>
</head>
<body>

<?
/* Check User Script */
session_start();  // Start Session

include 'dp.php';
// Conver to simple variables
$username = $_POST['username'];
$password = $_POST['password'];



if((!$username) || (!$password)){
    echo "Please enter ALL of the information! <br />";
    include 'login.php';
    exit();
}

// Convert password to md5 hash
$password = md5($password);

// check if the user info validates the db
$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' AND activated='1'");
$login_check = mysql_num_rows($sql);

if($login_check > 0){
    while($row = mysql_fetch_array($sql)){
    foreach( $row AS $key => $val ){
        $$key = stripslashes( $val );
    }
        // Register some session variables!
        
        $_SESSION['first_name'] = $first_name;
        
        $_SESSION['last_name'] = $last_name;
        
        $_SESSION['email_address'] = $email_address;
      
        $_SESSION['user_level'] = $user_level;
        
        $_SESSION['username'] = $username;
        
        mysql_query("UPDATE users SET last_login=now() WHERE userid='$userid'");
        
        header("Location: login_success.php");
    }
[/code]
code calling the sessions

[code]
<html>
<head>
<title>Get My Info</title>
</head>

<body>
<?



session_start();
include 'db.php';
[b]
echo($username);[/b]


// note, if userid is not a numeric type column, then $userid must be quoted
$query = "SELECT * FROM users WHERE username = '$username'";
$result = @mysql_query($query);

if(!$result)
{
  trigger_error("<p>SQL ERROR:<br>".mysql_error()."<br>Query: $query</p>",
                E_USER_WARNING);
}
elseif(mysql_numrows($result) != 1)
{
  trigger_error("<p>DB ERROR: There were multiple matches on this User ID</p>",
                E_USER_WARNING);
}
else  // we got exactly one match on the User ID
{
   echo "<b><center>Database Output</center></b><br><br>";
  
   // only 1 match, so we don't need a loop
   $row = mysql_fetch_assoc($result);
   extract($row, EXTR_PREFIX_ALL, "user");
   mysql_close();
  
   echo <<<END
  
<b>$user_first_name $user_last_name</b><br>
Date of Birth: $user_DOB<br>
<b>Address</b><br>
Street Address: $user_Street_address<br>
Other Mailing Information: $user_post_office_box<br>
City: $user_city <br>
Province: $user_province<br>
Postal Code: $user_postal<br>
Home Phone Number: $user_home_phone<br>
Email Address: $user_email_address<br>

<hr><br>
END;
}

?>
</body>
[/code]

[wisewood]

in the code calling the sessions (2nd lot of code you posted) you should use;

echo "$_SESSION[username]";


when using echo "$username"; it is calling the $username value from your db.php include file. Once you've set a session variable and left the page where the original variable was, you'll have to use the $_SESSION[variable_name] method to call it in for use.

Hope this clears things up for you.

[Orio]

Btw, you should place in both codes the "session_start();" At the very top of the page because you will get: "Headers already sent" error.

Orio.

[proctk]

Orio

Are you sugesting that I put the "session_start();" at the very top and put within its own php tags.

wisewood

I made the change but for some reason its to dispaying anything.
I believe that the php code is scripted correctly as the page title displays on my web brozer page tab

thank you for the help

if I wanted to assign the session value to a variable

would I do it this way

$username = $_SESSION[username];

[wisewood]

Ignore the bit below, i didnt read your question properly. You are correct.

[ignore]
other way around.

$_SESSION[username] = $_POST[username];

the session username is to be the same as the post username. Not the other way around.

If you set it the wrong way around, you will be setting the other variable with the value of the session, which hasnt been assigned yet, so its empty.
[/ignore]

And yes, you need to set <?php session_start(); ?> RIGHT AT THE TOP of your document, before you put any HTML tags in at all.

[proctk]

Thank you wisewood for the help.

I'm probley making this more complicated then needed but any way

The first post to made I need this
echo "$_SESSION[username]"; to call the value assigned to the username. Am I correct in assuming that the value of username should have displayed on the page. If so nothing displayed which leads me to believe I have an error in the code that sets the session value

thank you once again

[wisewood]

The code you have below is setting the session variables correctly... however i dont see where the $first_name, $last_name, $email_address, $user_level & $username variables are coming from.

[code]
        // Register some session variables!
        
        $_SESSION['first_name'] = $first_name;
        
        $_SESSION['last_name'] = $last_name;
        
        $_SESSION['email_address'] = $email_address;
      
        $_SESSION['user_level'] = $user_level;
        
        $_SESSION['username'] = $username;
[/code]


oh... i think i might have it.

($login_check > 0){
while($row = mysql_fetch_array($sql)){
foreach( $row AS $key => $val ){
$$key = stripslashes( $val );



you have $$key instead of $key.

[proctk]

And I continue to drag this on, I made the change and Tried it with no luck, I reviewed the code trying to find any other issues, but my rookyness provales and I cannot figure out what is wrong