[SOLVED] passing through variables in a session??

[rnb_cassanova]

Hi everyone,

 

I need to display records in a database that are only specific to the user ID that is logged in. Do i need to pass through variables in a session?  Currently i have -

 

code:

 

<?php

session_start();

 

require "connect.php";

if (isset($_SESSION['Login']) == false){

header("Location: Login.php");

exit();

}

//$query = "select * from proposals";

 

$query = "SELECT * FROM proposals ORDER BY proposalID DESC";

$result = mysql_query($query, $connection)

or die ("mySQL Error: ".mysql_error());

?>

 

Thanks guys.

 

David

[willpower]

yes dont just set a logged in var give them a userid sesssion var too.  that way you can track who's who and return specific data to them

[rnb_cassanova]

ok but im still a bit lost on how to do this, do i create another -if (isset($_SESSION['Login']) == false)? but specific to the user ID? Thanks Lads.

[revraz]

Set the session in the login page for their id.

[adam291086]

When your user logs in you will need to create a session

 

$SESSION['username'] = $username;

 

Then where you want to call that session just do

$SESSION['username'];

[adam291086]

error in my code.

 

$_SESSION['username'] = $username;

 

Then where you want to call that session just do

$_SESSION['username'];

[rnb_cassanova]

I have put -

 

<?php

session_start();

$SESSION['Name'] = $Name;

 

require "connect.php";

 

on my login pages and -

 

<?php

session_start();

$SESSION['Name'];

 

require "connect.php";

 

Where i want to call it into, at current its not working, can anyone help where i am going wrong?

 

Thanks Lads

 

[trq]

Its $_SESSION[] not $SESSION[].

[revraz]

Post your login page.

[richiec]

try

<?php
$user= $_SESSION["Name"];

$query="SELECT * FROM `table_name` WHERE `username_field` = '$user'";
$result=mysql_query($query) or die(mysql_error());

<?

If i understand what you want to do correctly... then echo what info you want

[rnb_cassanova]

my login page -

 

<?php

session_start();

$_SESSION['Name'] = $Name;

?>

<script language="JavaScript" type="text/JavaScript">

form action="logincheck2.php" method="get">

  <p align="center"> </p>

  <p align="center"> </p>

<p align="center"><span class="style1">User Name_</span><br>

  <input name="Login" type="text">

 

my login check -

 

<?php

session_start();

$_SESSION['Name'] = $Name;

 

require "connect.php";

$Login = $_GET['Login'];

$Password = $_GET['Password'];

$query = "select * from client where Login = '".$Login."' AND Password = '".$Password."'";

 

$result = mysql_query($query, $connection) or die ("unable to perform query<br>$query");

 

$row= mysql_fetch_array($result);

if ($row != null)

{

$_SESSION['Login'] = $row['Password'];

$_SESSION['Name'] = $row['Name'];

 

header("Location: welcompage2.php");

exit();

}

else

{

header("Location: login2.php");

exit();

}

?>

 

Sorry for a lot of code lads, just thought it may give a better indication than what I can explain.

 

Thanks again

 

 

[revraz]

Ok, your login name is already being set here

 

$_SESSION['Login'] = $row['Password'];

$_SESSION['Name'] = $row['Name'];

 

So if you want to add the ID, just add another session for the ID field.

 

So remove all the other $_SESSION['Name'] = $Name; code because they are just overwriting your existing session you already set.

 

Now, what do you want to do with the ID?

[rnb_cassanova]

ok cool, thats created, now i want the records only with the 'Name' field that correlates to them when they login to be displayed. eg - If the login is 'Alex' i want only the records in the DB which under the field 'Name' display 'Alex' to be shown, and all the others by other users to be hidden.

 

Thanks lads

[revraz]

You are already getting that info when they log in

 

$query = "select * from client where Login = '".$Login."' AND Password = '".$Password."'";

 

  $result = mysql_query($query, $connection) or die ("unable to perform query

$query");

 

  $row= mysql_fetch_array($result);

 

So you can either set a session for each item, or you can do the query again on the page you want to display it, but you won't have to re-verify the PW since you already verified it.

[rnb_cassanova]

ok but that reads the 'login' and not the 'Name' field, here is a pic of my Db-

 

http://i32.photobucket.com/albums/d36/B_318is/db.jpg

 

Do i now have to ecco the session within the page i want it to display within?

 

Cheers lads

[revraz]

Then just change the WHERE to the Name session.