I want to carry value stored in session one page to another page where I am using following code which value I want to carry it is not working.
Here is my code
login.php
<?php
include('conn.php');
if (isset($_POST['submit'])) {
$UserName=$_POST['user'];
$PassWord=$_POST['pass'];
$eid=$_POST['eid'];
//echo $UserName;
//echo $PassWord;
$sql = "SELECT role from login WHERE username='$UserName'and password='$PassWord'";
//$sql=mysql_query("select usertype from login where username='$UserType' and password='$Password'")or die (mysql_error());//query sang database
$retval = mysql_query($sql);
if(! $retval ) {
die('Could not get data: ' . mysql_error());
}
while($row = mysql_fetch_array($retval, MYSQL_ASSOC)) {
session_start();
$_SESSION["user"]=$UserName;
$_SESSION["pass"]=$PassWord ;
$_SESSION['role']=$row['role'];
$_SESSION['eid']=$eid;
if ($row['role']==0) {
header("location:admin.php");
}
elseif ($row['role']==1) {
header("location:UserUomePage.php");
}
}
}
echo "Invalid User Name and Password\n";
?>
When I use
echo $_SESSION['eid'];
it is giving user name. How can I get eid value?
Keep session_start() outside the loop.
And check are you getting value from post in $eid or not.
In next page, you can check:
print_r($_SESSION);
and see what values you are getting.
if(isset($_SESSION['eid']))
{
echo $_SESSION['eid'];
}
else
echo 'NO';
Related
I have been working is a website I have been dealing with a problem from a while, and now I know why it is happening, but not how to solve it. Please help!!
Page 1:
In the first page, login page set the $_SESSION['user_id'] is stored the value that are fetch in database user id. In same page can print session and it work properly(the $_SESSION['user_id'] is print) and also navigate the next page(user home).
page 2:
In page 2(user home) the $_SESSION['user_id'] is turned into null value why this happen?
most probably see this problem in, forgot to set the session start but I was set session start both page...
page 1
<?php
if (isset($_POST['sub'])) {
$user = $_POST['user'];
$pass = $_POST['pass'];
$con = mysqli_connect("localhost", "root", "");
$db = mysqli_select_db($con, "Database");
$qry = "select * from TABLE where username='$user' and password='$pass'";
$res = mysqli_query($con, $qry) or die("could not connect to mysql");
$row = mysqli_fetch_array($res);
$len = mysqli_num_rows($res);
if ($len <= 0) {
echo "<script>";
echo "alert('Oops.Username Or Password Incorrect!');window.location.href='login.php';";
echo "</script>";
} else {
session_start();
$_SESSION['id'] = $row['id'];
$_SESSION['message'] = $user;
$_SESSION['logout'] = "";
$id = $_SESSION['id'];
echo "<script>";
echo "alert('log in Success $id ');window.location.href='login.php';"; //$id is print correctly
echo "</script>";
}
}
?>
page 2
<?php
ob_start();
session_start();
if (isset($_SESSION['id'])) {
$id = $_SESSION['id'];
echo "$user"; // not printed
}
if (isset($_SESSION['message'])) {
$msg = $_SESSION['message'];
$_SESSION['message'] = "";
}
if (isset($_SESSION['logout'])) {
$msg = $_SESSION['logout'];
if ($msg == 'logout') {
header("location:login.php");
$_SESSION['message'] = "you must login first";
exit(0);
}
}
?>
<?php
echo "welcome"; // only print this string the above session are not work
?>
I also use this code before some project and it work correctly then why this time the session value not working?
use session in the start in first page, like this. Hopefully this will work
<?php
session_start();
if (isset($_POST['sub']))
{
$user=$_POST['user'];
$pass=$_POST['pass'];
$con=mysqli_connect("localhost","root","");
$db=mysqli_select_db($con,"Database");
$qry="select * from TABLE where username='$user' and password='$pass'";
$res=mysqli_query($con,$qry)or die("could not connect to mysql");
$row=mysqli_fetch_array($res);
$len=mysqli_num_rows($res);
if($len<=0)
{
echo"<script>";
echo"alert('Oops.Username Or Password Incorrect!');window.location.href='login.php';";
echo"</script>";
}
else
{
$_SESSION['id']=$row['id'];
$_SESSION['message']=$user;
$_SESSION['logout']="";
$id=$_SESSION['id'];
echo"<script>";
echo"alert('log in Success $id ');window.location.href='login.php';"; //$id is print correctly
echo"</script>";
}
}
?>
I can login succesfuly and the user can be displayed... But im doing something wrong here, i can't display the name of the user. Here is the form I tried:
<?php
include("dbconfig.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
// username and password received from loginform
$name=mysqli_real_escape_string($dbconfig,$_POST['name']);
$username=mysqli_real_escape_string($dbconfig,$_POST['username']);
$password=mysqli_real_escape_string($dbconfig,$_POST['password']);
$sql_query="SELECT id FROM user WHERE username='$username' and password='$password'";
$result=mysqli_query($dbconfig,$sql_query);
$row=mysqli_fetch_array($result,MYSQLI_ASSOC);
$count=mysqli_num_rows($result);
// If result matched $username and $password, table row must be 1 row
if($count==1)
{
$_SESSION['login_user']=$username;
header("location: home.php");
}
else
{
$error="Useri ose passwordi gabim!";
}
}
?>
and here is the desplay code:
<?php
if(!isset($_SESSION['login_user']))
{
header("Location: login.php");
}
else
{
$name=$_SESSION['login_user'];
?>
Welcome <?php echo $name;?>
<?php
}
?>
What am I missing can anyone help me out? Thanks!
From what I understand, you're trying to display the user's name and not the username in the welcome message.
First of all, please see that you are not even retrieving the user's name. So, you need to fetch that along with the id.
Considering the field is "name" in your database.
You can modify your query:
$sql_query="SELECT id, name FROM user WHERE username='$username' and password='$password'"; // Add name along with id
$result = mysqli_query($dbconfig,$sql_query);
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
$count = mysqli_num_rows($result);
if($count==1) {
$_SESSION['User']['username'] = $username; // Change this
$_SESSION['User']['name'] = $row['name']; // Add this
header("location: home.php");
} else {
/* Other code */
}
Now, your display code:
<?php
session_start();
if(!isset($_SESSION['User'])) {
header("Location: login.php");
} else {
$name = $_SESSION['User']['name'];
?>
Welcome <?php echo $name;?>
<?php } ?>
Hope this helps.
Hi developed a admin login an user login page in php when i loged in as a admin it work perfect and when i loged in as a user then it always give same user name on screen but all time username is different in db
Here is my code
login.php
<?php
include('conn.php');
if (isset($_POST['submit'])){
$UserName=$_POST['user'];
$PassWord=$_POST['pass'];
//echo $UserName;
//echo $PassWord;
$sql = "SELECT role from login WHERE username='$UserName'and password='$PassWord'";
//$sql=mysql_query("select usertype from login where username='$UserType' and password='$Password'")or die (mysql_error());//query sang database
$retval = mysql_query($sql);
if(! $retval )
{
die('Could not get data: ' . mysql_error());
}
while($row = mysql_fetch_array($retval, MYSQL_ASSOC))
{
session_start();
$_SESSION["user"]=$UserName;
$_SESSION["pass"]=$PassWord ;
$_SESSION['role']=$row['role'];
$_SESSION['eid']=$row['eid'];
if ($row['role']==0){
header("location:admin.php");
}
elseif ($row['role']==1) {
header("location:testing.php");
}
}
}
echo "Invalid User Name and Password\n";
?>
Testing.php
<?php
include('conn.php');
session_start();
if (!isset($_SESSION['role'])){
header('location:index.php');
}
//
?>
logout
</br>
</br>
<?php
//mag show sang information sang user nga nag login
$role=$_SESSION['role'];
$eid=$_SESSION['eid'];
$result=mysql_query("select * from login where role='$role'")or die(mysql_error);
$row=mysql_fetch_array($result);
$UserName=$row['username'];
echo $UserName;
?>
my problem is that when i loged in as user then user name should print on screen
How can i achieve my goal
Thanks in advance
$result=mysql_query("select * from login where role='$role'")or die(mysql_error);
This query will only show the first user, no matter what
You already stored the username in the session, so just echo
$_SESSION['user'];
and you will get the logged in username
<?php
include('conn.php');
session_start();
if (!isset($_SESSION['role'])){
header('location:index.php');
}
//
?>
logout
</br>
</br>
<?php
//mag show sang information sang user nga nag login
echo $_SESSION['user'];
?>
Into your login.php code
You need to update your query by adding eid to your query
$sql = 'SELECT role, eid from login WHERE username = "'.mysql_real_escape_string($UserName).'" AND password = "'.mysql_real_escape_string($PassWord).'" ';
If user is found, you can store eid and role into your session, and never store password into session.
$query = mysql_query($sql) or die('Database error -> ' . mysql_error());
if(mysql_num_rows($query)>0){
$row = mysql_fetch_array($query)
$_SESSION['userName'] = $row['username'];
}
Into your Testing.php code
You don't need to go to your database any more, just check your session to get the
echo $_SESSION['userName'];
When the user correctly inserts his information in the login form it redirects to the home page which is what i want but i'm having a problem when the user inputs wrong info. It just shows connected successfully and database successfully selected. It stops on the page checklogin.php. As if it doesn't even read the session part. Please go through my code.
Here's my code for the register form:
<?php
$con=mysql_connect("localhost","root","");
if(!$con){
die('Could not connect:' .mysql_error());
}
echo "Connected successfully.";
$database=mysql_select_db('90210store');
if(!$database){
die('<br>Could not select database:' .mysql_error());
}
echo "<br>Database successfully selected";
$FirstName=$_POST['FirstName']; //to get the information written in the form
$LastName=$_POST['LastName'];
$EmailAdd=$_POST['EmailAdd'];
$check_list=$_POST['check_list'];
$dob=$_POST['dob'];
$Gender=$_POST['gender'];
$Password=$_POST['Password'];
$first= "INSERT INTO login
(FirstName,LastName,EmailAdd,Newsletter,DOB,Gender,Password)
VALUES
('$FirstName','$LastName','$EmailAdd','$check_list','$dob','$Gender','$Password')";
$result=mysql_query($first);
if($result){
echo('<br>Data enterred successfully');
}
else{
echo('<br>Fail');
}
if($result)
{
header('Location: phpredirectlogin.php');
}
mysql_close($con);
?>
Then this is the page it redirects to(phpredirectlogin.php):
<?php
echo "<script>alert('Redirecting you to the login page');</script>";
echo "<script>window.location = 'account.html';</script>";
?>
This is the php page which checks the login(checklogin.php):
<?php
$Email=$_POST['email'];
$Pwd=$_POST['pwd'];
$con=mysql_connect("localhost","root","");
if(!$con){
die('Could not connect:' .mysql_error());
}
echo "Connected successfully.";
$database=mysql_select_db('90210store');
if(!$database){
die('<br>Could not select database:' .mysql_error());
}
echo "<br>Database successfully selected";
$result = mysql_query("SELECT * FROM login
WHERE EmailAdd='$Email' AND Password='$Pwd'") or die('QueryFailed:'.mysql_error());
while($row=mysql_fetch_array($result))
{
session_start();
$_SESSION['ID']=1234;
header('Location:checklogin1.php');
}
mysql_close($con);
?>
Then this page redirects the user to checklogin1.php.The code is:
<?php
session_start();
if(!isset($_SESSION['ID']))
{
header('Location:account.html');
}
else
{
header('Location:90210.html');
}
?>
There has to be some error somewhere but i can't seem to figure it out. Any help will be appreciated. Thank you.
Change this
$result = mysql_query("SELECT * FROM login
WHERE EmailAdd='$Email' AND Password='$Pwd'") or die('QueryFailed:'.mysql_error());
while($row=mysql_fetch_array($result))
{
session_start();
$_SESSION['ID']=1234;
header('Location:checklogin1.php');
}
to this
$result = mysql_query("SELECT * FROM login
WHERE EmailAdd='$Email' AND Password='$Pwd' LIMIT 1") or die('QueryFailed:'.mysql_error());
if (mysql_num_rows($result) == 1 ) {
$_SESSION['ID']=1234;
header('Location:checklogin1.php');
}
And get the session_start() right to the beginning of the code.
Moreover, you could redirect to the respective pages from here itself so that you have only one redirect instead of two and get rid of checklogin1.php. Thus you may edit the above condition to the following:
if(mysql_num_rows($result) == 1) {
$_SESSION['ID']=1234;
header('Location:90210.html');
} else {
header('Location:account.html');
}
At first remove all statuses: ex. echo "<br>Database successfully selected";
session_start();
should be at in each page on first line.
In checklogin.php add checking mysql result count:
$res_count = mysql_num_rows($result);
if($res_count != 0) {
$_SESSION['ID']=1234;
header('Location:checklogin1.php');
}
I am trying to create two separate sessions- one for if the user is admin and another if the user is author. $type stored type as enum (can be either author or admin). But, I am not getting unique session id's for my sessions. I am new to PHP and MySQL . can somebody tell me where the error is in my code.
Please help
<?php
session_start();
?>
<?php
include("dbconnect.php");
$con= new dbconnect();
$con->connect();
//create and issue the query
$sql = "SELECT type FROM users WHERE username = '".$_POST["username"]."' AND password = PASSWORD('".$_POST["password"]."')";
$result = mysql_query($sql);
//get the number of rows in the result set; should be 1 if a match
if (mysql_num_rows($result) == 1) {
$type_num=0;
//if authorized, get the values
while ($info = mysql_fetch_array($result)) {
$type =$info['type'];
}
if($type == "admin")
{
$_SESSION['type']=1;
$u = 'welcome.php';
header('Location: '.$u);
}
else
{
$_SESSION['type']=$type_num;
$u = 'welcome.php';
header('Location: '.$u);
}
}
else {
//redirect back to loginfailed.html form if not in the table
header("Location: loginfailed.html");
exit;
}
?>
welcome.php is as follows:
<?php
session_start();
?>
<html>
<body>
<h2>Welcome to SOD73.</h2>
<?
if($_SESSION['type']==1){
echo "You are of the usertype Admin and your session id is ";
echo session_id();
session_destroy();
}
else {
echo "You are of the usertype Author and your session id is ";
echo session_id();
session_destroy();
}
?>
</body>
</html>
You have to use session_regenerate_id() before call session_destroy() in the file welcome.php