473,320 Members | 1,695 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

database values to $_SESSION array

Hi Im trying to do something a little more complex with my login script at the moment it works fine, checks the username and password with the database if its wrong it echo's a error and if its right redirects the user to the main page with the session variable logged_in = true

but what i have done now is added more feileds into the user table name company email ect.

what i want to do is on successful login pull the users information and set those variables as session variables

heres what i got.....(but its not working could you look at it sometime please)
Expand|Select|Wrap|Line Numbers
  1. <?php
  2. session_start();
  3.         session_register ("userid");
  4.         session_register ("username");
  5.         session_register ("email");
  6.         session_register ("password");
  7.         session_register ("accesslevel");
  8.         session_register ("account");
  9.         session_register ("firstname");
  10.         session_register ("lastname");
  11.         session_register ("company");
  12.         session_register ("enabled");
  13.         session_register ("active");
  14.         session_register ("rep");
  15.         session_register ("fail");
  16. $errorMessage = '';
  17. if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {
  18.     include 'include/database/config.php';
  19.     include 'include/database/opendb.php';
  20.     $userId   = $_POST['txtUserId'];
  21.     $password = $_POST['txtPassword'];
  22.     // check if the user id and password combination exist in database
  23.     $sql = "SELECT * 
  24.             FROM users
  25.             WHERE username = '$userId' AND password = '$password' ";
  26.     $result = mysql_query($sql) or die('Query failed. ' . mysql_error()); 
  27.  
  28.     if (mysql_num_rows($result) == 1) {
  29.         // the user id and password match, 
  30.     $sql2 = "SELECT * 
  31.             FROM users
  32.             WHERE username = '$userId' AND password = '$password' ";
  33.         $result2 = mysql_query($sql2) or die('Query failed. ' . mysql_error());
  34.          while($_row = mysql_fetch_array($result2))
  35. {    
  36. $userid=$_row["id"];
  37. $username=$_row["username"];
  38. $email=$_row["email"];
  39. $password=$_row["password"];
  40. $accesslevel=$_row["accesslevel"];
  41. $account=$_row["account"];
  42. $firstname=$_row["firstname"];
  43. $lastname=$_row["lastname"];
  44. $company=$_row["company"];
  45. $enabled=$_row["enabled"];
  46. $active=$_row["active"];
  47. $rep=$_row["rep"];
  48. $fail=$_row["fail"];
  49.         $HTTP_SESSION_VARS ['userid'] = $userid;
  50.         $HTTP_SESSION_VARS ['username'] = $username;
  51.         $HTTP_SESSION_VARS ['email'] = $email;
  52.         $HTTP_SESSION_VARS ['password'] = $password;
  53.         $HTTP_SESSION_VARS ['accesslevel'] = $accesslevel;
  54.         $HTTP_SESSION_VARS ['account'] = $account;
  55.         $HTTP_SESSION_VARS ['firstname'] = $firstname;
  56.         $HTTP_SESSION_VARS ['lastname'] = $lastname;
  57.         $HTTP_SESSION_VARS ['company'] = $company;
  58.         $HTTP_SESSION_VARS ['enabled'] = $enabled;
  59.         $HTTP_SESSION_VARS ['active'] = $active;
  60.         $HTTP_SESSION_VARS ['rep'] = $rep;
  61.         $HTTP_SESSION_VARS ['fail'] = $fail;
  62.         }
  63. if ($fail >= 5)
  64. {
  65. session_destroy (); 
  66.         header('Location: user.php?|$fail|$active|$enabled| errorMessage2=Too%20Many%20Failed%20Atempts%20please%20call%20phonenumber%20to%20have%20your%20account%20varified%20and%20reset');
  67.         exit;
  68.         }
  69.         elseif ($active = 0)
  70.         {
  71.         session_destroy (); 
  72.  
  73.         header('Location: user.php?errorMessage2=|$fail|$active|$enabled|Your%20account%20is%20either%20new%20and%20has%20not%20been%20activated%20or%20has%20been%20locked%20by%20the%20accounts%20department%20please%20call%phonenumber%20to%20resolve%20this%20matter');
  74.         exit;
  75.         }
  76.         elseif ($enabled == 0)
  77.         {
  78.         session_destroy (); 
  79.  
  80.         header('Location: user.php?errorMessage2=|$fail|$active|$enabled|Your%20account%20is%20not%20enabled%20please%20call%20<br>phonenumber<br>%20to%20resolve%20this%20matter');
  81.         exit;
  82.         }
  83.         else
  84.         {
  85.         $_SESSION['db_is_logged_in'] = true;
  86.  
  87.  
  88.  
  89.         header('Location: index.php');
  90.         exit;
  91.     } 
  92. }
  93. else 
  94. {
  95.         $errorMessage = 'Sorry, wrong user id / password ';
  96.     }
  97.  
  98.     include 'include/database/closedb.php';
  99. }
  100. ?>
  101.  
there is also this for the form
Expand|Select|Wrap|Line Numbers
  1.  <form  name="frmLogin" id="frmLogin" style="padding-left:25px;padding-top:15px" action="" method="post">
  2.        <h2 style="padding-top: 5px">Login to your account.</h2>
  3.        <p align="center"><strong><font color="#990000">
  4.        <?php 
  5.        $errorMessage2 = $_GET['errorMessage2'];
  6.        if ($errorMessage2 =='')
  7.        {
  8.        echo $errorMessage;
  9.        }
  10.        else
  11.        {
  12.        echo " $errorMessage2 ";
  13.        }
  14.        ?>
  15.        </font></strong></p>
  16.          <br />
  17.          <span class="red_text" style="font-weight: bold">Username</span>         <br />
  18.          <input name="txtUserId" type="text" id="txtUserId" class="inputbg_big">
  19.          <p>
  20.         <br />
  21.         <span class="red_text" style="font-weight: bold">Password</span> (<a href="#" class="graytext">forgot your password?</a>)<br />
  22.         <input name="txtPassword" type="password" id="txtPassword" class="inputbg_big">
  23.         </p>
  24.       <p>
  25.         <input name="btnLogin" type="submit" id="btnLogin" value="Login" class="submitbg">
  26.       </p>
  27.       <p>&nbsp;</p>
  28.      </form>
the result i get is im moved to
http://domain.com/user.php?|$fail|$active|$enabled|%20errorMessage2= Too%20Many%20Failed%20Atempts%20please%20call%phon enumber%20to%20have%20your%20account%20varified%20 and%20reset

so the authertication is working in this example i purposfully used a user that had database value set to 5 as you see the variable is comming thought as the code not he value $fail|$active|$enabled| should have been 5|1|1|



Thnaks for any help
Apr 18 '08 #1
7 3345
ronverdonk
4,258 Expert 4TB
To start: do not use $HTTP_SESSION_VARS (it is PHP < 4.1.0 stuff deprecated and will disappear soon) but use $_SESSION. So your statements will be like[php] $_SESSION['userid'] = $userid;[/php]

When you use this, session_register() is not necessary.

Ronald
Apr 18 '08 #2
To start: do not use $HTTP_SESSION_VARS (it is PHP < 4.1.0 stuff deprecated and will disappear soon) but use $_SESSION. So your statements will be like[php] $_SESSION['userid'] = $userid;[/php]

When you use this, session_register() is not necessary.

Ronald

Thank you for the tip,however, i anm still getting the |$fail|$active|$enabled| come through rather than the values i set for each

it appears that when i
Expand|Select|Wrap|Line Numbers
  1. $_SESSION ['fail'] = $fail;
it sets the session variable to $fail rather than the value for $fail
Apr 18 '08 #3
ok i was looking at the code and now i tried cangeing this



[PHP]$userid=$_row["id"];
$username=$_row["username"];
$email=$_row["email"];
$password=$_row["password"];
$accesslevel=$_row["accesslevel"];
$account=$_row["account"];
$firstname=$_row["firstname"];
$lastname=$_row["lastname"];
$company=$_row["company"];
$enabled=$_row["enabled"];
$active=$_row["active"];
$rep=$_row["rep"];
$fail=$_row["fail"];


$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['email'] = $email;
$_SESSION['password'] = $password;
$_SESSION['accesslevel'] = $accesslevel;
$_SESSION['account'] = $account;
$_SESSION['firstname'] = $firstname;
$_SESSION['lastname'] = $lastname;
$_SESSION['company'] = $company;
$_SESSION['enabled'] = $enabled;
$_SESSION['active'] = $active;
$_SESSION['rep'] = $rep;
$_SESSION['fail'] = $fail;[/PHP]


to this

[PHP] $_SESSION['userid']=$_row["id"];
$_SESSION['username']=$_row["username"];
$_SESSION['email']=$_row["email"];
$_SESSION['password']=$_row["password"];
$_SESSION['accesslevel']=$_row["accesslevel"];
$_SESSION['account']=$_row["account"];
$_SESSION['firstname']=$_row["firstname"];
$_SESSION['lastname']=$_row["lastname"];
$_SESSION['company']=$_row["company"];
$_SESSION['enabled']=$_row["enabled"];
$_SESSION['active']=$_row["active"];
$_SESSION['rep']=$_row["rep"];
$_SESSION['fail']=$_row["fail"];[/PHP]

but i am still getting $fail instead of 5 when i call the session variable
Apr 18 '08 #4
Atli
5,058 Expert 4TB
Hi.

The reason you are seeing the variable names in your string is that you are using single quote-marks. They will show exactly what is written and not the contents of the variable.

Use double quote-marks instead.
Expand|Select|Wrap|Line Numbers
  1. <?php
  2. $variable = "Hello";
  3. echo "Variable is: $variable"; // = Variable is: Hello
  4. echo 'Variable is: $variable'; // = Variable is: $variable
  5. ?>
  6.  
Also, you execute the same query twice in your code ($sql and $sql2). You really should remove the second one and just use the result of the first one. They are identical.
Apr 18 '08 #5
ronverdonk
4,258 Expert 4TB
Have you thought about that the row could actually have the valye $fail in its column? To be sure dump the $_row after the fetch, like this[php]echo '<pre>'; print_r($_row);[/php] and see what is actually retrieved from the database.

Ronald
Apr 18 '08 #6
thank for the responces it was the singel quote problem.

i am so new to using database and sessions i was sure it was a problem there and not a basic php problem.

i feel quite silly now

and ty for the dump solution that will defentily come in handy
Apr 19 '08 #7
ronverdonk
4,258 Expert 4TB
Don't feel silly. I also did not notice, just overlooked it and that happens to anyone. Glad it worked out for you. See you around some day.

Ronald
Apr 19 '08 #8

Sign in to post your reply or Sign up for a free account.

Similar topics

2
by: Håvard Olerud Eriksen | last post by:
I've been working on a webshop, and I've got most of the functionality up and running. One problem, however, that I don't seem to be able to solve is as follows. My shopping cart is stored in...
9
by: Ken | last post by:
How can I reset the initial form variables that are set with session statements when clicking on a button? I tried this but the function was not called: <?PHP function reset_form($none) {...
10
by: Joseph S. | last post by:
Hi, How do I pass a string from one call to a php block to another call in the same page but from another form? Here's my full php code: I'm using two forms in the same page. A hidden field...
6
by: ajaykataram | last post by:
Hi all i am getting error in the following code to upload files csv and txt files i have to insert the following values only into database if firstname,lastname and email id is null it should not...
3
by: bb nicole | last post by:
Below is my job post code, it cannot post into database... WHAT IS THE PROBLEM OF IT?? <?php session_start(); ob_start(); //connect to server and select database
2
by: somecrazyguy | last post by:
Take the following code, one would think that there was absolutely no link between $test and $_SESSION. But if you reload the page, guess what... "After=FAILED". Why? Because for some reason,...
1
by: gogelpot | last post by:
Why is it that every time I run this code in a session that it does not add my new values to the session variable but it replaces the old value with the new. Here is the Code: <?php...
11
by: orfiyus | last post by:
whats good I am working on a php script. It takes in user input from a text field and then queries the database for it. If the input is found in the database then script performs a delete query...
1
by: printline | last post by:
Hello all Hopefully someone can help me with this issue. I have some information from a database which i show in a table. In this table i have various columns that are filled out with some of...
18
by: John | last post by:
Something strange has just started to happen as I have been developing a db application on a site. Suddenly a session variable has stopped working as I pass it from 1 page to another (I am sure it...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.