I want to store data (id, profile_image, caption) from another table
(I just download the code for uploading images)
The problem is when I am about to save the data, processForm.php always give me a zero value for Session ID which is my current ID is "1".
I'm a newbie here.
(login.php)
<?php
// Initialize the session
session_start();
// Check if the user is already logged in, if yes then redirect him to
welcome page
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
header("location: welcome.php");
exit;
}
// Include config file
require_once "config.php";
// Define variables and initialize with empty values
$username = $password = "";
$username_err = $password_err = "";
// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){
// Check if username is empty
if(empty(trim($_POST["username"]))){
$username_err = "Please enter username.";
} else{
$username = trim($_POST["username"]);
}
// Check if password is empty
if(empty(trim($_POST["password"]))){
$password_err = "Please enter your password.";
} else{
$password = trim($_POST["password"]);
}
// Validate credentials
if(empty($username_err) && empty($password_err)){
// Prepare a select statement
$sql = "SELECT id, username, password FROM users WHERE username = ?";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "s", $param_username);
// Set parameters
$param_username = $username;
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Store result
mysqli_stmt_store_result($stmt);
// Check if username exists, if yes then verify password
if(mysqli_stmt_num_rows($stmt) == 1){
// Bind result variables
mysqli_stmt_bind_result($stmt, $id, $username, $hashed_password);
if(mysqli_stmt_fetch($stmt)){
if(password_verify($password, $hashed_password)){
// Password is correct, so start a new session
session_start();
// Store data in session variables
$_SESSION["loggedin"] = true;
$_SESSION["id"] = $id;
$_SESSION["username"] = $username;
// Redirect user to welcome page
header("location: welcome.php");
} else{
// Display an error message if password is not valid
$password_err = "The password you entered was not valid.";
}
}
} else{
// Display an error message if username doesn't exist
$username_err = "No account found with that username.";
}
} else{
echo "Oops! Something went wrong. Please try again later.";
}
}
// Close statement
mysqli_stmt_close($stmt);
}
// Close connection
mysqli_close($link);
}
?>
<!DOCTYPE html>
<html lang="en">
<link rel="stylesheet" type="text/css" href="style.css">
<link rel="icon" href="logo2.png" type="image">
<head>
<title>Fox - Log In | Sign Up</title>
<meta charset="windows-1252">
</head>
<body>
<div class="header" id="myHeader" >
<img src="logo.png" alt="Fox Logo" width="5%" height="20%">
<div class="tooltip">
<img src="text.png" alt="Fox text" width="50%" height="15%" usemap="#foxlogo">
<span class="tooltiptext">Go To Fox Home</span>
</div>
<map name="foxlogo">
<area shape="rect" coords="0,0,133,126" href="login.php">
</map>
</div>
<div class="container">
<img class="img" src="bg2.jpg">
</div>
<div class="signup"><br><br><br><br><br>
<h1 style="text-align:center; font-size:12;">Log In</h1><br>
<form style="margin-left:25px; margin-top: -20px;" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<div class="form-group <?php echo (!empty($username_err)) ? 'has-error' : ''; ?>">
<p style="font-size: 14px; color: white;margin-left: 0px;width: 980px;">Username</p>
<input placeholder="Enter Username" type="text" name="username" class="form-control" value="<?php echo $username; ?>">
<br><span class="help-block"><?php echo $username_err; ?></span>
</div>
<div class="form-group <?php echo (!empty($password_err)) ? 'has-error' : ''; ?>">
<p style="font-size: 14px; color: white;margin-left: 0px;width: 980px;">Password</p>
<input placeholder="Enter Password" type="password" name="password" class="form-control" >
<span class="help-block"><?php echo $password_err; ?></span>
</div>
<div class="form-group">
<input style="margin-top:20px;" type="submit" class="button" value="Login">
</div>
<p2>Sign up now</p2>
</form>
</div>
<div>
<img class="user" src="user.png">
</div>
<a type="link2" style="margin:30px; text-decoration: none;" href="#">Terms & Policies</a>
<a type="link2" style="text-decoration: none;" href="#">Help</a>
</div>
</body>
</html>
(welcome.php)
<?php
require_once "config.php";
// Initialize the session
session_start();
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
header("location: login.php");
exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<link rel="stylesheet" type="text/css" href="home.css">
<link rel="icon" href="logo2.png" type="image">
<head>
<meta charset="UTF-8">
<title>Fox | Home</title>
<style type="text/css">
body{ font: 14px sans-serif; text-align: center; }
</style>
</head>
<body>
<br>
<a style="margin-left:90%;position: relative;" href="logout.php" name="signout" class="btn btn-danger">Sign Out</a>
<div style="margin-right:96%"class="tooltip">
<img style="margin-right: 96%;margin-top:0%;" src="logo.png" alt="Fox Logo" width="100%" usemap="#foxlogo">
<span class="tooltiptext">Go To Fox Home</span>
</div>
<map name="foxlogo">
<area shape="rect" coords="0,0,133,126" href="welcome.php">
</map>
<hr>
<div class="profile">
<div class="page-header">
<h1><b><?php echo htmlspecialchars($_SESSION["username"]); ?></b></h1>
<div class="container">
<img name="profile" class="image" src="images/placeholder.png" id="profileDisplay" style="display: block;width: 45%;margin: 10px auto;border-radius:50%;"><br>
<input type="file" name="profileImage" id="profileImage" style="display: none;">
<div class="overlay">
<div class="text"><br>
Update Profile<br><br><br>
View profile
</div>
</div>
<?php
$con = mysqli_connect("localhost","root","","demo");
$q = mysqli_query($con,"SELECT * FROM users WHERE id ='{$_SESSION["id"]}'");
while($row = mysqli_fetch_assoc($q)){
echo $row['created_at'];
}
?>
</div>
<p>
Reset Your Password<br><br><br>
</p>
</div>
</body>
</html>
(config.php)
<?php
/* Database credentials. Assuming you are running MySQL
server with default setting (user 'root' with no password) */
define('DB_SERVER', 'localhost');
define('DB_USERNAME', 'root');
define('DB_PASSWORD', '');
define('DB_NAME', 'demo');
/* Attempt to connect to MySQL database */
$link = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME);
// Check connection
if($link === false){
die("ERROR: Could not connect. " . mysqli_connect_error());
}
?>
(updateprofile.php)
I try to echo my current id(1) in this form and it is fine. but in saving id in XAMPP php my admin gives me ZERO. processForm gives me zero value for my SESSION ID
picture1:I try to echo my ID and its fine
Picture2:After I upload a picture. it gives me a zero value for ID
<?php
require_once "config.php";
include 'processForm.php';
// Initialize the session
session_start();
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
header("location: login.php");
exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<link rel="stylesheet" type="text/css" href="home.css">
<link rel="icon" href="logo2.png" type="image">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
<head>
<meta charset="UTF-8">
<title>Fox | Home</title>
<style type="text/css">
body, html{ font: 14px sans-serif; text-align: center;height: 100%; width: 100%; }
</style>
</head>
<body>
<div style="margin-left:90%"class="tooltip">
<span class="tooltiptext">Go To Fox Home</span>
</div>
<map name="foxlogo">
<area shape="rect" coords="0,0,133,126" href="welcome.php">
</map>
</div>
<img style="margin-right: 90%; margin-top:2%;" src="logo.png" alt="Fox Logo" width="5%" usemap="#foxlogo">
<a style="margin-left:90%; margin-top:-5%; position: relative;" href="logout.php" name="signout" class="btn btn-danger">Sign Out</a>
<hr>
<div style="margin-left: 35%"class="container">
<div class="row">
<div class="col-4 offset-m-d4 form-div">
<form enctype="multipart/form-data" action="index.php" method="post" >
<h3 class="text-center">Upload Profile</h3>
<?php //echo htmlspecialchars($_SESSION["username"]);
echo " My id is {$_SESSION["id"]}"; ?>
<div class="form-group text-center">
<img src="images/placeholder.png" id="profileDisplay" onclick="triggerClick()" style="display: block;width: 60%;margin: 10px auto;border-radius:50%;">
<input type="file" name="profileImage" onchange="displayImage(this)" id="profileImage" style="display: none;">
</div>
<div clas="form-group">
<label for="caption">Caption</label>
<textarea name="caption" id="caption" class="form-control"></textarea>
</div>
<div class="form-group">
<br>
<button type="submit" name="save-user" class="btn btn-primary btn-block">Upload</button>
</div>
</form>
</div>
</div>
</div>
<br><br><br><br>
<script src="scripts.js"></script>
</body>
</body>
</html>
(processForm.php)
<?php
require_once "config.php";
//connect db
$conn = mysqli_connect('localhost','root','','demo');
if(isset($_POST['save-user'])){
$caption = $_POST['caption'];
$profileImageName =time() . '_' . $_FILES['profileImage']['name'];
$target = 'images/' . $profileImageName;
if(move_uploaded_file($_FILES['profileImage']['tmp_name'], $target)){
//* */
$sql = "INSERT INTO photos (id,profile_image,caption) VALUES ('{$_SESSION['id']}','$profileImageName','$caption')";
if (mysqli_query($conn, $sql)){
$msg="Image uploaded and saved to database";
$css_class = "alert-success";
}else{
$msg="Database error: Failed to save user";
$css_class = "alert-danger";
}
//
$msg="Image uploaded";
$css_class = "alert-success";
header("location: welcome.php");
}else{
$msg="Failed to upload";
$css_class = "alert-danger";
header("location: updateprofile.php");
}
}
you can add the output of the $_SESSION variable with a var_dump(); After the loggin and another one in the same moment of the saved of the photo in mysql , and compare??? I think that your (processForm.php) is missing at the beginning too ... session_start ();
Related
I am trying to insert form data to my profile table when I click the add button, but whenever I test my code below it just reloads my add.php page and clears the form instead of adding it to my table.
add.php code:
<?php
//connection to the database
$pdo = require_once 'pdo.php';
session_start();
//if user is not logged in redirect back to index.php with an error message
if(!isset($_SESSION['user_id'])){
die("ACCESS DENIED");
return;
}
//if the user requested cancel go back to index.php
if(isset($_POST['cancel'])){
header('Location: index.php');
return;
}
//handling incoming data
$uid = $_SESSION['user_id'];
if (isset($_POST['first_name']) && isset($_POST['last_name']) &&
isset($_POST['email']) && isset($_POST['headline']) && isset($_POST['summary'])){
if (strlen($_POST['first_name']) == 0 || strlen($_POST['last_name']) == 0 ||
strlen($_POST['email']) || strlen($_POST['headline']) == 0 || strlen($_POST['summary']) == 0){
$_SESSION['error'] = "All fields are required";
header("Location: add.php");
return;
}
if(strpos($_POST['email'], '#') === false){
$_SESSION['error'] = "Email address must contain #";
header("Location: add.php");
return;
}
$stmt = $pdo->prepare('INSERT INTO profile
(user_id, first_name, last_name, email, headline, summary)
VALUES ( :uid, :fn, :ln, :em, :he, :su)');
$stmt->execute(array(
':uid' => $uid,
':fn' => $_POST['first_name'],
':ln' => $_POST['last_name'],
':em' => $_POST['email'],
':he' => $_POST['headline'],
':su' => $_POST['summary'])
);
$_SESSION['success'] = "profile added";
header("location: index.php");
return;
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Mandla'ke Makondo's Profile Add</title>
<!-- bootstrap.php - this is HTML -->
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"
integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7"
crossorigin="anonymous">
<!-- Optional theme -->
<link rel="stylesheet"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css"
integrity="sha384-fLW2N01lMqjakBkx3l/M9EahuwpSfeNvV63J5ezn3uZzapT0u7EYsXMjQV+0En5r"
crossorigin="anonymous">
</head>
<body>
<div class="container">
<h1>Adding Profile for UMSI</h1>
<form method="post" action="index.php">
<p>First Name:
<input type="text" name="first_name" size="60"/></p>
<p>Last Name:
<input type="text" name="last_name" size="60"/></p>
<p>Email:
<input type="text" name="email" size="30"/></p>
<p>Headline:<br/>
<input type="text" name="headline" size="80"/></p>
<p>Summary:<br/>
<textarea name="summary" rows="8" cols="80"></textarea>
<p>
<input type="submit" name="add" value="Add">
<input type="submit" name="cancel" value="Cancel">
</p>
</form>
</div>
</body>
</html>
here I created my connection to the database using pdo connection and also require my config.php file for database sign in credentials
here is my pdo.php code:
<?php
require_once 'config.php';
//setting DSN
$dsn = "mysql:host=$host;dbname=$dbname;charset=UTF8";
//creating a PDO instance
try{
$pdo = new PDO($dsn, $user, $password);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
if($pdo){
echo "database connected Successfully";
return;
}
}catch(PDOException $e){
echo $e->getMessage();
}
?>
my database sign in credentials are in this file, the username, password and dbname are not necessarily correct, I only changed them for the sake of asking.
here is my config.php code:
<?php
//my variables
$host = 'localhost';
$user = 'myusername';
$password = 'mypass';
$dbname = 'mydb';
?>
my index.php code has a static display for the profile entries, I wanted to be able to add the profiles first so I can make it dynamically display the profiles but here is my index.php code:
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title>Mandla'ke Makondo's Resume Registry</title>
<!-- bootstrap.php - this is HTML -->
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"
integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7"
crossorigin="anonymous">
<!-- Optional theme -->
<link rel="stylesheet"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css"
integrity="sha384-fLW2N01lMqjakBkx3l/M9EahuwpSfeNvV63J5ezn3uZzapT0u7EYsXMjQV+0En5r"
crossorigin="anonymous">
</head>
<body>
<div class="container">
<h1>Mandla'ke Makondo's Resume Registry</h1>
<p>
<?php
if(isset($_SESSION['user_id'])){
echo " <a href='logout.php'>Logout</a>";
}
if(!isset($_SESSION['user_id'])){
echo "<a href='login.php'>Please log in</a>";
}
?>
</p>
<?php
if(isset($_SESSION['user_id'])){
echo"<table border = '1'>
<tr><th>Name</th><th>Headline</th><th>Action</th><tr><tr><td>
<a href='view.php?profile_id=5634'>srghrsh yteu yt uuu</a></td><td>
eyetu e5u5</td><td><a href = 'edit.php'>Edit</a> <a href = 'delete.php'>Delete</a></td></tr>
</table>";
echo "<a href='add.php'>Add New Entry</a>";
}
if(!isset($_SESSION['user_id'])){
echo "<table border='1'>
<tr><th>Name</th><th>Headline</th>
<tr>
<tr><td>
<a href='view.php?profile_id=5634'>srghrsh yteu yt uuu</a></td><td>
eyetu e5u5</td></tr>
</table>";
}
?>
</div>
</body>
enter code here
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title>Mandla'ke Makondo's Resume Registry</title>
<!-- bootstrap.php - this is HTML -->
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"
integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7"
crossorigin="anonymous">
<!-- Optional theme -->
<link rel="stylesheet"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css"
integrity="sha384-fLW2N01lMqjakBkx3l/M9EahuwpSfeNvV63J5ezn3uZzapT0u7EYsXMjQV+0En5r"
crossorigin="anonymous">
</head>
<body>
<div class="container">
<h1>Mandla'ke Makondo's Resume Registry</h1>
<p>
<?php
if(isset($_SESSION['user_id'])){
echo " <a href='logout.php'>Logout</a>";
}
if(!isset($_SESSION['user_id'])){
echo "<a href='login.php'>Please log in</a>";
}
?>
</p>
<?php
if(isset($_SESSION['user_id'])){
echo"<table border = '1'>
<tr><th>Name</th><th>Headline</th><th>Action</th><tr><tr><td>
<a href='view.php?profile_id=5634'>srghrsh yteu yt uuu</a></td><td>
eyetu e5u5</td><td><a href = 'edit.php'>Edit</a> <a href = 'delete.php'>Delete</a></td></tr>
</table>";
echo "<a href='add.php'>Add New Entry</a>";
}
if(!isset($_SESSION['user_id'])){
echo "<table border='1'>
<tr><th>Name</th><th>Headline</th>
<tr>
<tr><td>
<a href='view.php?profile_id=5634'>srghrsh yteu yt uuu</a></td><td>
eyetu e5u5</td></tr>
</table>";
}
?>
</div>
</body>
So I haven't really worked with PHP Sessions much and trying to learn. Despite trying to look online I'm a bit stuck. So I have a login page which works and lets people login but when they get to the welcome page I can't display anything other than the id, username or password (if I really wished)
So here's the code for the login page~:
<?php
// Initialize the session
session_start();
// Check if the user is already logged in, if yes then redirect him to welcome page
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
header("location: welcome.php");
exit;
}
// Include config file
require_once "config.php";
// Define variables and initialize with empty values
$username = $password = "";
$username_err = $password_err = "";
// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){
// Check if username is empty
if(empty(trim($_POST["username"]))){
$username_err = "Please enter username.";
} else{
$username = trim($_POST["username"]);
}
// Check if password is empty
if(empty(trim($_POST["password"]))){
$password_err = "Please enter your password.";
} else{
$password = trim($_POST["password"]);
}
// Validate credentials
if(empty($username_err) && empty($password_err)){
// Prepare a select statement
$sql = "SELECT id, firstname, lastname, email, phone, username, password FROM tourn_admins WHERE username = ?";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "s", $param_username);
// Set parameters
$param_username = $username;
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Store result
mysqli_stmt_store_result($stmt);
// Check if username exists, if yes then verify password
if(mysqli_stmt_num_rows($stmt) == 1){
// Bind result variables
mysqli_stmt_bind_result($stmt, $id, $username, $hashed_password);
if(mysqli_stmt_fetch($stmt)){
if(password_verify($password, $hashed_password)){
// Password is correct, so start a new session
session_start();
// Store data in session variables
$_SESSION["loggedin"] = true;
$_SESSION["id"] = $id;
$_SESSION["username"] = $username;
$_SESSION["firstname"] = $firstname;
// Redirect user to welcome page
header("location: welcome.php");
} else{
// Display an error message if password is not valid
$password_err = "The password you entered was not valid.";
}
}
} else{
// Display an error message if username doesn't exist
$username_err = "No account found with that username.";
}
} else{
echo "Oops! Something went wrong. Please try again later.";
}
}
// Close statement
mysqli_stmt_close($stmt);
}
// Close connection
mysqli_close($link);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Control Panel | Tournament | SymplieCloud</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!--===============================================================================================-->
<link rel="icon" type="image/png" href="images/icons/favicon.ico"/>
<!--===============================================================================================-->
<link rel="stylesheet" type="text/css" href="vendor/bootstrap/css/bootstrap.min.css">
<!--===============================================================================================-->
<link rel="stylesheet" type="text/css" href="fonts/font-awesome-4.7.0/css/font-awesome.min.css">
<!--===============================================================================================-->
<link rel="stylesheet" type="text/css" href="fonts/iconic/css/material-design-iconic-font.min.css">
<!--===============================================================================================-->
<link rel="stylesheet" type="text/css" href="vendor/animate/animate.css">
<!--===============================================================================================-->
<link rel="stylesheet" type="text/css" href="vendor/css-hamburgers/hamburgers.min.css">
<!--===============================================================================================-->
<link rel="stylesheet" type="text/css" href="vendor/animsition/css/animsition.min.css">
<!--===============================================================================================-->
<link rel="stylesheet" type="text/css" href="vendor/select2/select2.min.css">
<!--===============================================================================================-->
<link rel="stylesheet" type="text/css" href="vendor/daterangepicker/daterangepicker.css">
<!--===============================================================================================-->
<link rel="stylesheet" type="text/css" href="css/util.css">
<link rel="stylesheet" type="text/css" href="css/main.css">
<!--===============================================================================================-->
</head>
<body>
<div class="limiter">
<div class="container-login100">
<div class="wrap-login100">
<form class="login100-form validate-form" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<span class="login100-form-title p-b-26">
</span>
<span class="login100-form-title p-b-48">
<img src="" width="40%" height="auto" class="login-logo">
</span>
<div class="wrap-input100 validate-input <?php echo (!empty($username_err)) ? 'has-error' : ''; ?>" data-validate = "">
<input class="input100" type="text" name="username" value="<?php echo $username; ?>">
<span class="focus-input100" data-placeholder="Username"></span>
</div>
<div class="wrap-input100 validate-input <?php echo (!empty($password_err)) ? 'has-error' : ''; ?>" data-validate="Enter password">
<span class="btn-show-pass">
<i class="zmdi zmdi-eye"></i>
</span>
<input class="input100" type="password" name="password">
<span class="focus-input100" data-placeholder="Password"></span>
</div>
<div class="container-login100-form-btn">
<div class="wrap-login100-form-btn">
<div class="login100-form-bgbtn"></div>
<button class="login100-form-btn">
Login
</button>
</div>
</div>
<div style="padding: 20px;">
<span><?php echo $username_err; echo $password_err; ?></span>
</div>
<div class="text-center p-t-115">
<span class="txt1">
Having difficulties?
</span>
<a class="txt2" href="#">
Contact Us
</a>
</div>
</form>
</div>
</div>
</div>
<div id="dropDownSelect1"></div>
<!--===============================================================================================-->
<script src="vendor/jquery/jquery-3.2.1.min.js"></script>
<!--===============================================================================================-->
<script src="vendor/animsition/js/animsition.min.js"></script>
<!--===============================================================================================-->
<script src="vendor/bootstrap/js/popper.js"></script>
<script src="vendor/bootstrap/js/bootstrap.min.js"></script>
<!--===============================================================================================-->
<script src="vendor/select2/select2.min.js"></script>
<!--===============================================================================================-->
<script src="vendor/daterangepicker/moment.min.js"></script>
<script src="vendor/daterangepicker/daterangepicker.js"></script>
<!--===============================================================================================-->
<script src="vendor/countdowntime/countdowntime.js"></script>
<!--===============================================================================================-->
<script src="js/main.js"></script>
</body>
</html>
Then Heres the code for the welcome page:
<?php
// Initialize the session
session_start();
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
header("location: login.php");
exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Welcome</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css">
<style type="text/css">
body{ font: 14px sans-serif; text-align: center; }
</style>
</head>
<body>
<div class="page-header">
<h1>Hi, <h1><?php echo $_SESSION["firstname"]; ?><b><?php echo htmlspecialchars($_SESSION["username"]); ?></b>. Welcome to our site.</h1>
</div>
<p>
Reset Your Password
Sign Out of Your Account
</p>
</body>
</html>
So I'm trying to be able to display all the rows data. So I have ID, Firstname, Lastname, Email, Phone, Username, Password and Timestamp. I just want to be able to display them through the session like $_SESSION["firstname"]; As you may be able to see I have tried to have a go but is unsuccesfull. Again, am learning here so if you see anything which could be better, any critisim would be apprciated :) Thanks in advance!
You're not binding enough results to your prepared statement:
$sql = "SELECT id, firstname, lastname, email, phone, username, password FROM tourn_admins WHERE username = ?";
Your statement fetches 7 columns, but your mysqli_stmt_bind_result call only has 3 variables:
mysqli_stmt_bind_result($stmt, $id, $username, $hashed_password);
You need to add variables for all the columns you are reading in the query i.e.
mysqli_stmt_bind_result($stmt, $id, $firstname, $lastname, $email, $phone, $username, $hashed_password);
My error is always said "invalid username and password",
please any one can help?
i want to fix some errors"'please help
i want to do this like in this link please see" this is a program i like to do
http://alumnisys.hostei.com/
please any one can solve this problem""
the error is is in variable sysntax""
code below is i like to fix
heres my other code""
connect.php
login.php
index.php
admin.php
staff.php
student.php
|
Username:
Password:
S u b m i t
This is a sample program of 3 accounts use this as your guide to your case study.
The pdf files is in the admin page login first before download:)
note: you need to debug the codes :)
note: the database is in the student page.
Admin Account
username: admin
password: admin
Staff Account
username staff
password staff
student account
username pedro
password pedropedro
Connect.php
<?php
$db = mysql_connect('localhost', 'root', '');
mysql_select_db('psu1', $db);
?>
Index.php
<?php
session_start();
$pg='hm';
if($_SESSION['usertype']=='admin'){
header('location: admin.php');
}elseif($_SESSION['usertype']=='staff'){
header('location: staff.php');
}elseif($_SESSION['usertype']=='alumni'){
header('location: alumnu.php');
}else{
}
$msg='';
if(isset($_POST['do'])){
$uname = $_POST['username'];
$upass = $_POST['password'];
if(($uname=='') && ($upass=='')){
$msg = 'frmError';
$m = 'Dont leave blanks...';
}else{
include('connect.php');
$sql="SELECT * FROM alumni_login WHERE userrname='".$uname."' AND password='".md5($upass)."'";
$result=mysql_query($sql);
$rc = mysql_num_rows($result);
if($rc==0){
$msg = 'frmError';
$m = 'Invalid Username or Password';
}else{
$row = mysql_fetch_assoc($result);
$ip=$_SERVER['REMOTE_ADDR'];
$sql2="INSERT INTO login_infos VALUES(".$row['userid'].",
'".$row['username']."', '".date('Y-m-d H:i:s')."', '$ip')";
$result2=mysql_query($sql2);
if($result2){
$_SESSION['username'] = $row['username'];
$_SESSION['useraydi'] = $row['userid'];
$_SESSION['usertype'] = $row['usertype'];
if($row['usertype']=='admin'){
header('location: admin.php');
}elseif($row['usertype']=='staff'){
header('location: staff.php');
}elseif($row['usertype']=='alumni'){
header('location: student.php');
}
}
}
}
}
?>
<head>
<title>index</title>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1251" />
<link rel="stylesheet" href="css/main.css" type="text/css" />
<style type="text/css">
<!--
.style1 {font-size: 10px}
.style2 {
font-size: 11px;
font-weight: bold;
}
</style>
</head>
<body>
<?php include('login.php'); ?>
</div>
</body>
</html>
Admin.php
<?php
session_start();
$pg='hm';
if($_SESSION['usertype']!='admin'){
header('location: index.php');
}
?>
<head>
<title>Admin-Main Page</title>
</head>
<body>
<li style="background: none;">Welcome ADMIN</li>
<h3>Welcome System Administration.</h3>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<li><a href="logout.php"><img src="menu/logout.png"
/></a></li>
</body>
</html>
Staff.php
<?php
session_start();
$pg='st';
if($_SESSION['usertype']!='staff'){
header('location: index.php');
}
include('connect.php');
$sql = "SELECT * FROM alumni_login WHERE userid='".$_SESSION['useraydi']."'";
$result = mysql_query($sql);
$rc=#mysql_num_rows($result);
if($rc>0){
$row=mysql_fetch_assoc($result);
$neym=$row['username'];
}
?>
<html><title>staff page</title>
</head>
<body>
<li style="background: none;">Welcome STAFF</li>
<h3>Staff Main Page</h3>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<li><a href="logout.php"><img src="menu/logout.png"
/></a></li>
</div>
</body>
</html>
Student.php
<?php
session_start();
if($_SESSION['usertype']!='student'){
header('location: index.php');
}
$pg='hm';
include('../student_for_demo correct codes/connect.php');
$sql = "SELECT * FROM alumni_info WHERE userid='".$_SESSION['useraydi']."'";
$result = mysql_query($sql);
$rc=#mysql_num_rows($result);
if($rc>0){
$row=mysql_fetch_assoc($result);
$neym=$row['firstname'];
if($row['myphoto']!='')
if(file_exists($uploads.$row['myphoto']))
$imgphoto = $uploads.$row['myphoto'];
else
$imgphoto = $uploads.'nopic.gif';
else
$imgphoto = $uploads.'nopic.gif';
}
?>
<html>
<head>
<title>student page</title>
<td id="content" valign="top"><h2>Welcome, <?php echo $neym;?></h2>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<li><a href="../student_for_demo correct codes/logout.php"><img src="../student_for_demo
correct codes/menu/logout.png" /></a></li>
</div>
</body>
</html>
Inc.login.php
<form method="post" id="loginform" action="index.php">
<div align="center"><strong><font color="#003300" size="2"><span class="<?php echo $msg;
?>"><font color="#EDF5FE">|</font><?php echo $m; ?></span></font></strong></div>
<table width="222"><tr height="30">
<td align="right"><strong>Username:</strong></td>
<td><input name="username" type="text"></td>
</tr><tr>
<td align="right"><strong>Password:</strong></td>
<td><input name="password" type="password"></td>
</tr></table>
<br />
<input type="image" align="center" src="images/login.png" name="do" value="S u b m i t" />
</form>
Logout.php
<?php
session_start();
session_destroy();
header("location: index.php");
?>
I have check, In your query there is spelling mistake
New Query
$sql="SELECT * FROM alumni_login WHERE username='".$uname."' AND password='".md5($upass)."'";
You have used userrname it should be username
hello everyone i just wanna ask on how to add three attempts in my login page here is the code
<?php
include 'connect.php';
?>
<?php
if(isset($_POST) && !empty($_POST))
{
session_start();
include("config_DB.php"); //including config.php in our file
$username = mysql_real_escape_string(stripslashes($_POST['username']));
$password = mysql_real_escape_string(stripslashes(md5($_POST['password'])));
$user_type= $_GET['user_type'];
$match = "select * from $table where username = '".$username."' and password = '".sha1($password)."';";
$qry = mysql_query($match);
$row=mysql_fetch_array($qry);
$num_rows = mysql_num_rows($qry);
if($num_rows >= 1){
$_SESSION['user']= $_POST["username"];
$_SESSION['name'] = $row['empName'];
$_SESSION['position'] = $row['empPosition'];
$_SESSION['user_type'] = $row['user_type'];
header("location:index.php/index_controller/home");
} else {
$username = mysql_real_escape_string(stripslashes($_POST['username']));
$password = mysql_real_escape_string(stripslashes($_POST['password']));
include("config_DB.php"); //including config.php in our file
$match = "select * from $table where username = '".$username."' and password = '".sha1($password)."';";
$qry = mysql_query($match);
$row=mysql_fetch_array($qry);
$num_rows = mysql_num_rows($qry);
$attemps =0;
if($num_rows <= 0){
echo
"<script type=\"text/javascript\">".
"window.alert('Invalid username/password!');".
'window.location.href="index.php";'.
"</script>";
exit;
}
$_SESSION['user']= $_POST["username"];
$_SESSION['name'] = $row['empName'];
$_SESSION['position'] = $row['empPosition'];
$_SESSION['user_type'] = $row['user_type'];
header("location:index.php/index_controller/home");
}
}else{
?>
<!DOCTYPE HTML>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>City Planning and Development Office--Login</title>
<link rel="stylesheet" href="<?php echo base_url();?>assets/css/bootstrap.min.css"/>
<link rel="stylesheet" href="<?php echo base_url();?>assets/css/login-style.css"/>
<link rel="stylesheet/less" href="<?php echo base_url();?>assets/less/icons.less"/>
<!-- Load JavaScript Libraries -->
<script src="<?php echo base_url();?>assets/js/jquery/jquery-1.11.1.min.js"></script>
<script src="<?php echo base_url();?>assets/js/jquery/jquery-ui.js"></script>
<script src="<?php echo base_url();?>assets/js/jquery/jquery.widget.min.js"></script>
<!-- Load Metro JavaScript -->
<script src="<?php echo base_url();?>assets/js/load-metro.js"></script>
<script src="<?php echo base_url();?>assets/js/metro.min.js"></script>
<script src="<?php echo base_url();?>assets/js/metro-calendar.js"></script>
<script src="<?php echo base_url();?>assets/js/metro-datepicker.js"></script>
<!-- Load Bootstrap JavaScript -->
<script src="<?php echo base_url();?>assets/js/bootstrap.min.js"></script>
<script src="<?php echo base_url();?>assets/js/validate.js"></script>
<script src="<?php echo base_url();?>assets/js/condition.js"></script>
<!-- Login parallax -->
<style type="text/css">
body{
background:#000;
}
input.info{
color:#000 !important;
}
.vertical-offset-100{
padding-top:100px;
}
.login{
background:#ed1c24;
color:#fff;
}
body{
background: url(img/back.png);
background-color: #444;
background: url(/cpdo_ci/assets/images/pinlayer2.png),url(/cpdo_ci/assets/images/pinlayer1.png),url(/cpdo_ci/assets/images/back.png);
}
.vertical-offset-100{
padding-top:100px;
}
</style>
</head>
<body>
<script src="<?php echo base_url();?>assets/js/TweenLite.min.js"></script>
<div class="container" >
<div class="row vertical-offset-100">
<div class="col-md-4 col-md-offset-4">
<div class="panel panel-default">
<div class="panel-heading">
<div class="row-fluid user-row">
<center><img src="/cpdo_ci/assets/images/malolos.png" height="200" width="200" alt="CPDO"></center>
</div>
</div>
<div class="panel-body">
<form accept-charset="UTF-8" id="login" action="<?php $_SERVER['PHP_SELF'] ?>" method="post" name="login" class="form-signin" role="form">
<fieldset>
<div class="form-group">
<input class="form-control info" placeholder="Username" name="username" id="username" required type="text">
</div>
<div class="form-group">
<input class="form-control info" placeholder="Password" name="password" id="password" required type="password" value="">
</div>
<label>
<div style=" font-size:90%" >
</div>
</label>
<input class="btn btn-lg btn-success btn-block" type="submit" value="Login">
</fieldset>
</form>
</div>
</div>
</div>
</div>
</div>
<script type="text/javascript">
$(document).ready(function(){
$(document).mousemove(function(e){
TweenLite.to($('body'),
.5,
{ css:
{
backgroundPosition: ""+ parseInt(event.pageX/8) + "px "+parseInt(event.pageY/'12')+"px, "+parseInt(event.pageX/'15')+"px "+parseInt(event.pageY/'15')+"px, "+parseInt(event.pageX/'30')+"px "+parseInt(event.pageY/'30')+"px"
}
});
});
});
</script>
</body>
<?php
}
?>
</html>
</html>
Try this to the back-end which receives the login parameters.
if($_POST["password"]) !== $password_stored_in_db) {
if($attempts == 3) {
header('Location: login.php?max_attempt=exceeded');
}
} else if (isset($attempts)) {
$attempts = ++ $attempts;
} else {
$attempts = 0;
}
header('Location: login.php?attempt=' . $attempts);
Also add this to login.php to determine if user has exceeded max attempts:
Make sure that login.php is set to check for max_attempt=exceeded by adding:
if(isset($_GET["max_attempt"])) {
if($_GET["max_attempt"] == "exceeded") {
// Error message
// Use $_SESSION to record the time and to stop user from trying again for a while because if you use cookies, it maybe overridden or re-set.
}
}
You really should store the information of attempts on the DB, but some quick hack by storing the data on the session would be
<?php
include 'connect.php';
if(isset($_POST) && !empty($_POST))
{
session_start();
include("config_DB.php"); //including config.php in our file
$username = mysql_real_escape_string(stripslashes($_POST['username']));
$password = mysql_real_escape_string(stripslashes(md5($_POST['password'])));
$user_type= $_GET['user_type'];
$match = "select * from $table where username = '".$username."' and password = '".sha1($password)."';";
$qry = mysql_query($match);
$row=mysql_fetch_array($qry);
$num_rows = mysql_num_rows($qry);
if($num_rows >= 1){
$_SESSION['attemps'] = 0;
$_SESSION['user']= $_POST["username"];
$_SESSION['name'] = $row['empName'];
$_SESSION['position'] = $row['empPosition'];
$_SESSION['user_type'] = $row['user_type'];
header("your_home_page");
} else {
$_SESSION['attemps'] ||= 0;
$_SESSION['attemps'] += 1;
if ($_SESSION['attemps'] > 3) {
header("location:/access_denied.php");
}
$display_warning = true;
}
}else{
?>
<!DOCTYPE HTML>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>City Planning and Development Office--Login</title>
<link rel="stylesheet" href="<?php echo base_url();?>assets/css/bootstrap.min.css"/>
<link rel="stylesheet" href="<?php echo base_url();?>assets/css/login-style.css"/>
<link rel="stylesheet/less" href="<?php echo base_url();?>assets/less/icons.less"/>
<!-- Load JavaScript Libraries -->
<script src="<?php echo base_url();?>assets/js/jquery/jquery-1.11.1.min.js"></script>
<script src="<?php echo base_url();?>assets/js/jquery/jquery-ui.js"></script>
<script src="<?php echo base_url();?>assets/js/jquery/jquery.widget.min.js"></script>
<!-- Load Metro JavaScript -->
<script src="<?php echo base_url();?>assets/js/load-metro.js"></script>
<script src="<?php echo base_url();?>assets/js/metro.min.js"></script>
<script src="<?php echo base_url();?>assets/js/metro-calendar.js"></script>
<script src="<?php echo base_url();?>assets/js/metro-datepicker.js"></script>
<!-- Load Bootstrap JavaScript -->
<script src="<?php echo base_url();?>assets/js/bootstrap.min.js"></script>
<script src="<?php echo base_url();?>assets/js/validate.js"></script>
<script src="<?php echo base_url();?>assets/js/condition.js"></script>
<!-- Login parallax -->
<style type="text/css">
body{
background:#000;
}
input.info{
color:#000 !important;
}
.vertical-offset-100{
padding-top:100px;
}
.login{
background:#ed1c24;
color:#fff;
}
body{
background: url(img/back.png);
background-color: #444;
background: url(/cpdo_ci/assets/images/pinlayer2.png),url(/cpdo_ci/assets/images/pinlayer1.png),url(/cpdo_ci/assets/images/back.png);
}
.vertical-offset-100{
padding-top:100px;
}
</style>
</head>
<body>
<script src="<?php echo base_url();?>assets/js/TweenLite.min.js"></script>
<div class="container" >
<div class="row vertical-offset-100">
<div class="col-md-4 col-md-offset-4">
<div class="panel panel-default">
<div class="panel-heading">
<div class="row-fluid user-row">
<center><img src="/cpdo_ci/assets/images/malolos.png" height="200" width="200" alt="CPDO"></center>
</div>
</div>
<div class="panel-body">
<form accept-charset="UTF-8" id="login" action="<?php $_SERVER['PHP_SELF'] ?>" method="post" name="login" class="form-signin" role="form">
<fieldset>
<div class="form-group">
<input class="form-control info" placeholder="Username" name="username" id="username" required type="text">
</div>
<div class="form-group">
<input class="form-control info" placeholder="Password" name="password" id="password" required type="password" value="">
</div>
<label>
<div style=" font-size:90%" >
</div>
</label>
<input class="btn btn-lg btn-success btn-block" type="submit" value="Login">
</fieldset>
</form>
</div>
</div>
</div>
</div>
</div>
<script type="text/javascript">
$(document).ready(function(){
<?php if defined($display_warning) : ?>
window.alert('Invalid username/password!');
<?php endif; ?>
$(document).mousemove(function(e){
TweenLite.to($('body'),
.5,
{ css:
{
backgroundPosition: ""+ parseInt(event.pageX/8) + "px "+parseInt(event.pageY/'12')+"px, "+parseInt(event.pageX/'15')+"px "+parseInt(event.pageY/'15')+"px, "+parseInt(event.pageX/'30')+"px "+parseInt(event.pageY/'30')+"px"
}
});
});
});
</script>
</body>
</html>
</html>
I'm trying to create a mobile site and I'm using sessions to get the users username. When I view the mobile site on my desktop it works fine and I can get the username of the user from page to page. But when I view the same site on my mobile browser the session doesn't carry over from page to page.
Here is my login page:
<?php
//allow sessions to be passed so we can see if the user is logged in
session_start();
ob_start();
//connect to the database so we can check, edit, or insert data to our users table
$con = mysql_connect(***info to connect to database) or die(mysql_error());
$db = mysql_select_db('dbname', $con) or die(mysql_error());
//include out functions file giving us access to the protect() function made earlier
include "./functions.php";
$userid = $_SESSION['uid'];
$lookupusername = mysql_query("SELECT * FROM users WHERE ID='$userid'");
$row = mysql_fetch_assoc($lookupusername);
$username = $row['username'];
$usercountry = $row['country'];
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="apple-mobile-web-app-capable" content="yes" />
<title>15:11 Project Mobile</title>
<link rel="stylesheet" href="css/jquery.mobile-1.3.0.css" />
<link href="//netdna.bootstrapcdn.com/font-awesome/3.2.0/css/font-awesome.css" rel="stylesheet">
<script src="js/jquery-1.8.3.js"></script>
<script src="js/jquery.mobile-1.3.0.js"></script>
</head>
<body>
<!-- BEGIN LOGIN PAGE -->
<div data-role="page" id="login" style="background: #c66200;">
<div data-role="header">
</div>
<div data-role="content">
<center>
<div class="ui-grid-b">
<img src="images/logo_white.png">
</div>
</center>
<?
//check if the login session does no exist
if(strcmp($_SESSION['uid'],'') == 1){
//if it doesn't display an error message
header('Location: feed.php');
}
else {
//If the user has submitted the form
if($_POST['submit']){
//protect the posted value then store them to variables
$username = protect($_POST['username']);
$thepassword = md5($_POST['password']);
$password = protect($thepassword);
//Check if the username or password boxes were not filled in
if(!$username || !$password){
//if not display an error message
echo "<center>You need to fill in a <b>Username</b> and a <b>Password</b>!</center>";
}else{
//if the were continue checking
//select all rows from the table where the username matches the one entered by the user
$res = mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."'");
$num = mysql_num_rows($res);
//check if there was not a match
if($num == 0){
//if not display an error message
echo "<center>The <b>Username</b> you supplied does not exist!</center>";
}else{
//if there was a match continue checking
//select all rows where the username and password match the ones submitted by the user
$res = mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."' AND `password` = '".$password."'");
$num = mysql_num_rows($res);
//check if there was not a match
if($num == 0){
//if not display error message
echo "<center>The <b>Password</b> you supplied does not match the one for that username!</center>";
}else{
//if there was continue checking
//split all fields fom the correct row into an associative array
$row = mysql_fetch_assoc($res);
//check to see if the user has not activated their account yet
if($row['active'] != 1){
//if not display error message
echo "<center>You have not yet <b>Activated</b> your account!</center>";
}else{
//if they have log them in
//set the login session storing there id - we use this to see if they are logged in or not
$_SESSION['uid'] = $row['id'];
//show message
echo "<center>You have successfully logged in!</center>";
//update the online field to 50 seconds into the future
$time = date('U')+50;
mysql_query("UPDATE `users` SET `online` = '".$time."' WHERE `id` = '".$_SESSION['uid']."'");
//redirect them to the usersonline page
$loginpage="#feed";
header("Location: feed.php" . $loginpage);
exit();
}
}
}
}
}
}
?>
<center>
<form action="index.php#feed" method="post" data-ajax="false">
<div style="width: 75%; border-top: 1px solid #ffffff; margin-top: 20px; padding-top: 20px; border-bottom: 1px solid #ffffff; margin-bottom: 20px; padding-bottom: 20px;">
<div class="ui-hide-label">
<label for="username">Username:</label>
<input type="text" name="username" id="username" value="" placeholder="username" data-mini="true" style="color: #c66200;"/><br>
<label for="password">password:</label>
<input type="password" name="password" id="password" value="" placeholder="password" data-mini="true" style="color: #c66200;"/><br>
</div>
<div style="width: 40%;">
<input type="submit" data-role="button" name="submit" value="Login" data-mini="true" style="color: #c66200 !important;"/>
</div>
</div>
</center>
<?
ob_end_flush();
?>
</div>
<div data-role="footer">
</div>
</div>
<!-- END LOGIN PAGE -->
</body>
</html>
Here is what I have for my feed.php page which the login page routes to. I can get the users info on this page. Whenever I click a link to go to the "browseresults" page the information doesn't carry over.
<?php
//allow sessions to be passed so we can see if the user is logged in
session_start();
ob_start();
//connect to the database so we can check, edit, or insert data to our users table
$con = mysql_connect(***db info***) or die(mysql_error());
$db = mysql_select_db('dbname', $con) or die(mysql_error());
//include out functions file giving us access to the protect() function made earlier
include "./functions.php";
$userid = $_SESSION['uid'];
$lookupusername = mysql_query("SELECT * FROM users WHERE ID='$userid'");
$row = mysql_fetch_assoc($lookupusername);
$username = $row['username'];
$usercountry = $row['country'];
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="apple-mobile-web-app-capable" content="yes" />
<title>15:11 Project Mobile</title>
<link rel="stylesheet" href="css/jquery.mobile-1.3.0.css" />
<link href="font-awesome/css/font-awesome.css" rel="stylesheet">
<script src="js/jquery-1.8.3.js"></script>
<script src="js/jquery.mobile-1.3.0.js"></script>
</head>
<body>
<!-- BEGIN PAGE 3 -->
<div data-role="page" id="browse">
<div data-role="panel" id="settingspanel" data-position="left" data-display="overlay">
<ul data-role="controlgroup">
<li>Page Two</li>
<li>Page Three</li>
<li>Page Four</li>
<li>Logout</li>
</ul>
</div>
<div data-role="header" data-position="fixed" data-theme="c" data-tap-toggle="false" data-id="foo1" style="padding-top: 5px; border-bottom: 1px solid #eccfb3; padding-bottom: 5px;">
<center><img src="images/logo_app_white.png" width="30px"></center>
</div>
<div data-role="content">
<?php
$fquery = "SELECT state, city, count(city) as num FROM needs WHERE country='$usercountry' AND status='posted' GROUP BY state, city ORDER BY state, city";
if ($result = mysql_query($fquery)) {
$num_rows = mysql_num_rows($result);
echo "<table>";
$i = 1;
$cols = 2;
$prev = "";
while ($frows = mysql_fetch_array($result)) {
$fcity = $frows['city'];
$fstate = $frows['state'];
$fcitycount = $frows['num']; // num is holding your count by city
if ($fstate != $prev) {
echo "<tr></tr><tr></tr><tr></tr><tr></tr><tr></tr><tr></tr><tr></tr><tr><th align='left'>$fstate</th></tr><tr>";
}
echo "<td><a href='browseresults.php?city=$fcity&state=$fstate'>$fcity, $fstate ($fcitycount)</a> </td>";
echo ($i < $num_rows) ? ((($i % $cols) == 0) ? '</tr>' : '') : '';
$i++;
$prev = $fstate;
}
echo "</table>";
}
?>
</div>
<div data-role="footer" data-position="fixed" data-theme="c" data-tap-toggle="false" data-id="foo1" style="border-top: 1px solid #eccfb3; padding-top: 5px;">
<div data-role="navbar" style="background: #ce8339;">
<ul>
<li>My Feed</li>
<li>Submit</li>
<li>Browse</li>
<li>Projects</li>
</ul>
</div><!-- /navbar -->
</div>
</div>
<!-- END PAGE 3 -->
</body>
</html>
And here is the browseresults.php page which is the page that is not getting the session data.
<?php
//allow sessions to be passed so we can see if the user is logged in
session_start();
ob_start();
//connect to the database so we can check, edit, or insert data to our users table
$con = mysql_connect(***dbinfo***) or die(mysql_error());
$db = mysql_select_db(dbname, $con) or die(mysql_error());
//include out functions file giving us access to the protect() function made earlier
include "./functions.php";
$userid = $_SESSION['uid'];
$lookupusername = mysql_query("SELECT * FROM users WHERE ID='$userid'");
$row = mysql_fetch_assoc($lookupusername);
$username = $row['username'];
$usercountry = $row['country'];
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="apple-mobile-web-app-capable" content="yes" />
<title>15:11 Project Mobile</title>
<link rel="stylesheet" href="css/jquery.mobile-1.3.0.css" />
<link href="font-awesome/css/font-awesome.css" rel="stylesheet">
<script src="js/jquery-1.8.3.js"></script>
<script src="js/jquery.mobile-1.3.0.js"></script>
</head>
<body>
<!-- BEGIN PAGE 1 -->
<?
echo "$username";
?>
<!-- END PAGE 1 -->
</body>
</html>
no username is outputted. Can anyone help explain why and help me get this sorted out please?