session problems...

[blueman378]

hi guys, well i am trying to use this code:

include("database.php");
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$password = md5($password);
global $database;
    $q = "SELECT * FROM users
          WHERE username = '$username' AND password = '$password'
         ";   
    $result = $database->query($q) or die("Error: " . mysql_error());
    $num_rows = mysql_numrows($result);

if( $num_rows == 1 ){
      session_start();
$_SESSION['username'] = $row['username'];
$_SESSION['userid'] = $row['id'];
$_SESSION['userlevel'] = $row['userlevel'];
$_SESSION['loggedin'] = "TRUE";
echo "hello";  
echo $_SESSION['username'];
}

which works... kindof

$_SESSION['username']

$_SESSION['userid']

$_SESSION['userlevel']

do not seem to be getting set as if i change

"echo $_SESSION['username'];" to echo $_SESSION['loggedin'];

it will echo true,

however if i have it as anything else, nothing gets echoed,

i know that the information is getting retrieved from the database as the code itself is running,

 

any ideas?

[Stooney]

try this:

 

<?php
session_start();
include("database.php");

$username = mysql_real_escape_string($_REQUEST['username']);
$password = md5($_REQUEST['password']);
global $database;
$q = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";   
$result = $database->query($q) or die("Error: " . mysql_error());

if(mysql_num_rows($result)==1){
$row=mysql_fetch_array($result);
$_SESSION['username'] = $row['username'];
$_SESSION['userid'] = $row['id'];
$_SESSION['userlevel'] = $row['userlevel'];
$_SESSION['loggedin'] = "TRUE"; 
}
?>

[Stooney]

Also I should note that globals are bad and you should avoid using them.