blueman378 Posted March 8, 2008 Share Posted March 8, 2008 hi guys, well i am trying to use this code: include("database.php"); $username = $_REQUEST['username']; $password = $_REQUEST['password']; $password = md5($password); global $database; $q = "SELECT * FROM users WHERE username = '$username' AND password = '$password' "; $result = $database->query($q) or die("Error: " . mysql_error()); $num_rows = mysql_numrows($result); if( $num_rows == 1 ){ session_start(); $_SESSION['username'] = $row['username']; $_SESSION['userid'] = $row['id']; $_SESSION['userlevel'] = $row['userlevel']; $_SESSION['loggedin'] = "TRUE"; echo "hello"; echo $_SESSION['username']; } which works... kindof $_SESSION['username'] $_SESSION['userid'] $_SESSION['userlevel'] do not seem to be getting set as if i change "echo $_SESSION['username'];" to echo $_SESSION['loggedin']; it will echo true, however if i have it as anything else, nothing gets echoed, i know that the information is getting retrieved from the database as the code itself is running, any ideas? Quote Link to comment Share on other sites More sharing options...
Stooney Posted March 8, 2008 Share Posted March 8, 2008 try this: <?php session_start(); include("database.php"); $username = mysql_real_escape_string($_REQUEST['username']); $password = md5($_REQUEST['password']); global $database; $q = "SELECT * FROM users WHERE username = '$username' AND password = '$password'"; $result = $database->query($q) or die("Error: " . mysql_error()); if(mysql_num_rows($result)==1){ $row=mysql_fetch_array($result); $_SESSION['username'] = $row['username']; $_SESSION['userid'] = $row['id']; $_SESSION['userlevel'] = $row['userlevel']; $_SESSION['loggedin'] = "TRUE"; } ?> Quote Link to comment Share on other sites More sharing options...
Stooney Posted March 8, 2008 Share Posted March 8, 2008 Also I should note that globals are bad and you should avoid using them. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.