Re: [PHP] Re: Session won't pick up one variable
On Fri, Jan 30, 2009 at 5:44 PM, Shawn McKenzie nos...@mckenzies.netwrote: Terion Miller wrote: Well I changed it because it's not a post since its not coming from a form is this closer? if (!empty($UserName)) { Why are you doing this? Only to see if 0 rows are returned? You can use the results you know. $sql = SELECT `AdminID`,`UserName` FROM `admin` WHERE `UserName`='$UserName' and`Password`='$Password'; $result = mysql_query ($sql); $row = mysql_fetch_object ($result); Do you maybe mean $row['AdminID']? Well you're using objects now so $row-AdminID? $AdminId = $_SESSION['AdminID']; What in the hell are you doing here? If it's set then set it again to equal itself? if(isset($_SESSION['AdminID'])) $_SESSION['AdminID'] = $_SESSION['AdminID']; else $_SESSION['AdminID'] = $AdminID; If (mysql_num_rows($result) 0) { $_SESSION['AdminLogin'] = true; $_SESSION['user']=$UserName; $_SESSION['AdminID']=$AdminID; header ('Location: Main.php'); exit; } else { You either need to get a good PHP book or pay much closer attention to what you're doing. Many more problems, but those seem to cause your issue. This is not complete but seems to be the structure you need: session_start(); include(inc/dbconn_open.php); if (!empty($_POST['UserName']) !empty($_POST['Password'])) { $UserName = $_POST['UserName']; $Password = $_POST['Password']; $sql = SELECT `AdminID`,`UserName` FROM `admin` WHERE `UserName`='$UserName' and`Password`='$Password'; $result = mysql_query ($sql); $row = mysql_fetch_object ($result); If (mysql_num_rows($result) 0) { $_SESSION['AdminLogin'] = true; $_SESSION['user'] = $UserName; $_SESSION['AdminID'] = $row-AdminID; header ('Location: Main.php'); exit; } else { -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php yep I had actually tried your way my first try because it seemed to be what exactly it should do, but I get a blank pageno errors just a blank page, so I was suggested by someone else it was that the AdminID is not set, so that is why I was attempting to set it And for the record I have two O'reilly books on php...programming php, and web database applications with php, and the sessions section pretty much includes: session_start() and the oh so helpful $_SESSION($BLAH) = 'BLAH' I couldn't find anything about how to pull a result from the db and then use it to set a session, well anything past what seem to be common sense, to just put it after the query...and it does not pick up the adminID, and I've also tried another suggestion and also get a blank page, should I be setting the AdminID session on the page after the login? Here was the other way I tried : $UserName = (isset($_POST['UserName'])) ? mysql_real_escape_string($_POST[ 'UserName']) : ''; $Password = (isset($_POST['Password'])) ? mysql_real_escape_string($_POST[ 'Password']) : ''; if (!empty($UserName)) { $sql = SELECT `AdminID`,`UserName`,`Password` FROM `admin` WHERE `UserName`='$UserName'; $result = mysql_query($sql); $row = mysql_fetch_array($result); //If hashed passwords match proceed login if (sha1($Password) == $row['Password']) { //granted the password was sha1() before insertion into db $_SESSION['AdminID'] = (isset($_SESSION['AdminID'])) ? $_SESSION[ 'AdminID'] : $row['id']; $_SESSION['AdminLogin'] = true; $_SESSION['user'] = $UserName; header ('Location: Main.php'); } }
Re: [PHP] Re: Session won't pick up one variable (SOLVED)
thanks got it fixed: if (!empty($_POST['UserName']) !empty($_POST['Password'])) { $UserName = $_POST['UserName']; $Password = $_POST['Password']; } *---was missing a curly bracket..oi syntax* $msg = ''; if (!empty($UserName)) { $sql = SELECT `AdminID`,`UserName` FROM `admin` WHERE `UserName`='$UserName' and`Password`='$Password'; $result = mysql_query ($sql); $row = mysql_fetch_object ($result); If (mysql_num_rows($result) 0) { $_SESSION['AdminLogin'] = true; $_SESSION['user'] = $UserName; $_SESSION['AdminID'] = $row-AdminID; header ('Location: Main.php'); exit;
[PHP] Re: Session won't pick up one variable
Well I changed it because it's not a post since its not coming from a form is this closer? ?php //start session session_start(); //db connection include include(inc/dbconn_open.php) ; //errors on error_reporting(E_ALL); ini_set('display_errors', '1'); if (isset($_POST['UserName'])) {$UserName = $_POST['UserName'];} else {$UserName = '';} if (isset($_POST['Password'])) {$Password = $_POST['Password'];} else {$Password = '';} $msg = ''; if (!empty($UserName)) { $sql = SELECT `AdminID`,`UserName` FROM `admin` WHERE `UserName`='$UserName' and`Password`='$Password'; $result = mysql_query ($sql); $row = mysql_fetch_object ($result); $AdminId = $_SESSION['AdminID']; if(isset($_SESSION['AdminID'])) $_SESSION['AdminID'] = $_SESSION['AdminID']; else $_SESSION['AdminID'] = $AdminID; If (mysql_num_rows($result) 0) { $_SESSION['AdminLogin'] = true; $_SESSION['user']=$UserName; $_SESSION['AdminID']=$AdminID; header ('Location: Main.php'); exit; } else { On Fri, Jan 30, 2009 at 4:20 PM, Terion Miller webdev.ter...@gmail.comwrote: Think I'm setting this in the wrong place...someone help ...where do I set the AdminID session if (isset($_POST['UserName'])) {$UserName = $_POST['UserName'];} else {$UserName = '';} if (isset($_POST['Password'])) {$Password = $_POST['Password'];} else {$Password = '';} $msg = ''; if (!empty($UserName)) { $sql = SELECT `AdminID`,`UserName` FROM `admin` WHERE `UserName`='$UserName' and`Password`='$Password'; $result = mysql_query ($sql); $row = mysql_fetch_object ($result); if (isset($_POST['AdminID'])) {$AdminID = $_POST['AdminID'];} else {$AdminID= '';} If (mysql_num_rows($result) 0) { $_SESSION['AdminLogin'] = true; $_SESSION['user']=$UserName; $_SESSION['AdminID']=$AdminID; header ('Location: Main.php'); exit; } else {
[PHP] Re: Session won't pick up one variable
Terion Miller wrote: Well I changed it because it's not a post since its not coming from a form is this closer? if (!empty($UserName)) { Why are you doing this? Only to see if 0 rows are returned? You can use the results you know. $sql = SELECT `AdminID`,`UserName` FROM `admin` WHERE `UserName`='$UserName' and`Password`='$Password'; $result = mysql_query ($sql); $row = mysql_fetch_object ($result); Do you maybe mean $row['AdminID']? Well you're using objects now so $row-AdminID? $AdminId = $_SESSION['AdminID']; What in the hell are you doing here? If it's set then set it again to equal itself? if(isset($_SESSION['AdminID'])) $_SESSION['AdminID'] = $_SESSION['AdminID']; else $_SESSION['AdminID'] = $AdminID; If (mysql_num_rows($result) 0) { $_SESSION['AdminLogin'] = true; $_SESSION['user']=$UserName; $_SESSION['AdminID']=$AdminID; header ('Location: Main.php'); exit; } else { You either need to get a good PHP book or pay much closer attention to what you're doing. Many more problems, but those seem to cause your issue. This is not complete but seems to be the structure you need: session_start(); include(inc/dbconn_open.php); if (!empty($_POST['UserName']) !empty($_POST['Password'])) { $UserName = $_POST['UserName']; $Password = $_POST['Password']; $sql = SELECT `AdminID`,`UserName` FROM `admin` WHERE `UserName`='$UserName' and`Password`='$Password'; $result = mysql_query ($sql); $row = mysql_fetch_object ($result); If (mysql_num_rows($result) 0) { $_SESSION['AdminLogin'] = true; $_SESSION['user'] = $UserName; $_SESSION['AdminID'] = $row-AdminID; header ('Location: Main.php'); exit; } else { -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php