The following code works in that it will pass through a session variable of email, which comes from a posted value.
When i add the while loop to extract the user type, it wont pass it through.
any ideas?
Expand|Select|Wrap|Line Numbers
- <?php
- ob_start();
- // Connect to server and select databse.
- mysql_connect("$host", "$username", "$password")or die("cannot connect");
- mysql_select_db("$db_name")or die("cannot select DB");
- // username and password sent from form
- $user_email=$_POST['user_email'];
- $user_password=$_POST['user_password'];
- // To protect MySQL injection (more detail about MySQL injection)
- $user_email = stripslashes($user_email);
- $user_password = stripslashes($user_password);
- $user_email = mysql_real_escape_string($user_email);
- $user_password = mysql_real_escape_string($user_password);
- $sql="SELECT * FROM $tbl_name WHERE user_email='$user_email' and user_password='$user_password'";
- while($row = mysql_fetch_array($query))
- {
- $user_type = $row[1];
- echo $user_type;
- exit ();
- }
- $result=mysql_query($sql);
- // Mysql_num_row is counting table row
- $count=mysql_num_rows($result);
- // If result matched $myusername and $mypassword, table row must be 1 row
- if($count==1){
- // Register $myusername, $mypassword and redirect to file "login_success.php"
- session_start();
- $_SESSION['user_email'] = $user_email;
- $_SESSION['user_type'] = $user_type;
- header("location:login_success.php");
- }
- else {
- echo "Wrong Username or Password";
- }
- ?>