Forum Moderators: coopster
I would greatly appreciate any help as I am going in circles!
This file processes:
<?php
// we must never forget to start the session
session_start();
$errorMessage = '';
if (isset($_POST['username']) && isset($_POST['password'])) {
include 'library/config.php';
include 'library/opendb.php';
$username = $_POST['username'];
$password = $_POST['password'];
// check if the user id and password combination exist in database
$sql = "SELECT user_id
FROM users
WHERE user_id = '$username' AND user_password = PASSWORD('$password')";
$result = mysql_query($sql) or die('Query failed. ' . mysql_error());
if(mysql_num_rows($result)) {
$_SESSION['loggedin'] = 1;
$_SESSION['username'] = '$username';
$_SESSION['password'] = '$password';
}
// move user
$sql = "SELECT url
FROM users
WHERE user_id = '$username' AND user_password = PASSWORD('$password')";
$result = mysql_query("SELECT url FROM users
WHERE user_id = '$username' AND user_password = PASSWORD('$password') ");
$row = mysql_fetch_row($result) or die ( header("Location: error.php"));
$url = $row['0']; // define the correct element for the field url
// after login we move to the main page
// or to admin
// or to failsafe
header("Location: index.php");
exit;
}
?>
<? include ('includes/config.php');?>
<? include ('includes/header_login.php');?>
<!-- Start Page -->
<div id="maincol">
<br />
<fieldset><legend>Site Manage - Login</legend>
<div id="cform">
<form action="login.php" method="post" name="frmLogin" id="frmLogin">
<div class="top">
<span class="lab">Username:</span>
<span class="layer">
<input name="username" type="text" id="username"><br />
</span>
</div>
<div class="top">
<span class="lab">Password:</span>
<span class="layer">
<input name="password" type="password" id="password"><br />
</span>
</div>
<div class="top">
<span class="layer">
<input name="btnLogin" type="submit" id="btnLogin" value="Login">
</span>
</div>
</form>
</div>
</fieldset>
This file is the include file on each page:
<?php
session_start();
// is the one accessing this page logged in or not?
if (!isset($_SESSION['loggedin']))
{
// not logged in, move to login page
header('Location: /login.php');
}
include("../library/config.php");
include("../library/opendb.php");
$id=$_POST['id'];
$query=" SELECT * FROM users";
$result=mysql_query($query);
$num=mysql_num_rows($result);
mysql_close();
$i=0;
while ($i < $num) {
$user_id=mysql_result($result,$i,"user_id");
?>
<?
++$i;
}
?>
Then I try to display the user with:
<? SESSION_$('username')?>
Is it that there is nothing stored in the session variable $_SESSION('username').. or are you allowed to even log in at all?
this is prob just a type error but you are not using echo to write to the page at the bottom <?=$_SESSION('username')?>
Ally
print_r($_SESSION);
dc
Where would I add the print_r($_SESSION);?
Array ( [loggedin] => 1 [username] => $username [password] => $password )
so it looks like it is not adding the user to the session?
Should it be showing admin ie. if the admin was logged in?
if(mysql_num_rows($result)) {
$_SESSION['loggedin'] = 1;
$_SESSION['username'] = '$username';
$_SESSION['password'] = '$password';
}
Excuse my bad knowledge..
So how would I then output the username?
Would I use the print_r function?
Fatal error: Call to undefined function: array() in /home/symmetry/public_html/sitemanage/index.php on line 16
when adding the <?=$_SESSION('username')?>
if(mysql_num_rows($result)) {
$_SESSION['loggedin'] = 1;
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
} Array (
[loggedin] => 1
[username] => $username
[password] => $password
)
print $_SESSION['username'];
