Re: [PHP] Re: Session won't pick up one variable
On Fri, Jan 30, 2009 at 5:44 PM, Shawn McKenzie nos...@mckenzies.netwrote:
Terion Miller wrote:
Well I changed it because it's not a post since its not coming from a
form
is this closer?
if (!empty($UserName)) {
Why are you doing this? Only to see if 0 rows are returned? You can
use the results you know.
$sql = SELECT `AdminID`,`UserName` FROM `admin` WHERE
`UserName`='$UserName' and`Password`='$Password';
$result = mysql_query ($sql);
$row = mysql_fetch_object ($result);
Do you maybe mean $row['AdminID']? Well you're using objects now so
$row-AdminID?
$AdminId = $_SESSION['AdminID'];
What in the hell are you doing here? If it's set then set it again to
equal itself?
if(isset($_SESSION['AdminID']))
$_SESSION['AdminID'] = $_SESSION['AdminID'];
else
$_SESSION['AdminID'] = $AdminID;
If (mysql_num_rows($result) 0) {
$_SESSION['AdminLogin'] = true;
$_SESSION['user']=$UserName;
$_SESSION['AdminID']=$AdminID;
header ('Location: Main.php');
exit;
} else {
You either need to get a good PHP book or pay much closer attention to
what you're doing. Many more problems, but those seem to cause your
issue. This is not complete but seems to be the structure you need:
session_start();
include(inc/dbconn_open.php);
if (!empty($_POST['UserName']) !empty($_POST['Password'])) {
$UserName = $_POST['UserName'];
$Password = $_POST['Password'];
$sql = SELECT `AdminID`,`UserName` FROM `admin` WHERE
`UserName`='$UserName' and`Password`='$Password';
$result = mysql_query ($sql);
$row = mysql_fetch_object ($result);
If (mysql_num_rows($result) 0) {
$_SESSION['AdminLogin'] = true;
$_SESSION['user'] = $UserName;
$_SESSION['AdminID'] = $row-AdminID;
header ('Location: Main.php');
exit;
} else {
--
Thanks!
-Shawn
http://www.spidean.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
yep I had actually tried your way my first try because it seemed to be what
exactly it should do, but I get a blank pageno errors just a blank page,
so I was suggested by someone else it was that the AdminID is not set, so
that is why I was attempting to set it
And for the record I have two O'reilly books on php...programming php, and
web database applications with php, and the sessions section pretty much
includes:
session_start()
and the oh so helpful $_SESSION($BLAH) = 'BLAH'
I couldn't find anything about how to pull a result from the db and then use
it to set a session, well anything past what seem to be common sense, to
just put it after the query...and it does not pick up the adminID, and I've
also tried another suggestion and also get a blank page, should I be setting
the AdminID session on the page after the login?
Here was the other way I tried :
$UserName = (isset($_POST['UserName'])) ? mysql_real_escape_string($_POST[
'UserName']) : '';
$Password = (isset($_POST['Password'])) ? mysql_real_escape_string($_POST[
'Password']) : '';
if (!empty($UserName)) {
$sql = SELECT `AdminID`,`UserName`,`Password` FROM `admin` WHERE
`UserName`='$UserName';
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
//If hashed passwords match proceed login
if (sha1($Password) == $row['Password']) { //granted the password was
sha1() before insertion into db
$_SESSION['AdminID'] = (isset($_SESSION['AdminID'])) ? $_SESSION[
'AdminID'] : $row['id'];
$_SESSION['AdminLogin'] = true;
$_SESSION['user'] = $UserName;
header ('Location: Main.php');
}
}
Re: [PHP] Re: Session won't pick up one variable (SOLVED)
thanks got it fixed:
if (!empty($_POST['UserName']) !empty($_POST['Password'])) {
$UserName = $_POST['UserName'];
$Password = $_POST['Password'];
} *---was missing a curly bracket..oi syntax*
$msg = '';
if (!empty($UserName)) {
$sql = SELECT `AdminID`,`UserName` FROM `admin` WHERE
`UserName`='$UserName' and`Password`='$Password';
$result = mysql_query ($sql);
$row = mysql_fetch_object ($result);
If (mysql_num_rows($result) 0) {
$_SESSION['AdminLogin'] = true;
$_SESSION['user'] = $UserName;
$_SESSION['AdminID'] = $row-AdminID;
header ('Location: Main.php');
exit;
[PHP] Re: Session won't pick up one variable
Well I changed it because it's not a post since its not coming from a form
is this closer?
?php
//start session
session_start();
//db connection include
include(inc/dbconn_open.php) ;
//errors on
error_reporting(E_ALL);
ini_set('display_errors', '1');
if (isset($_POST['UserName'])) {$UserName = $_POST['UserName'];} else
{$UserName = '';}
if (isset($_POST['Password'])) {$Password = $_POST['Password'];} else
{$Password = '';}
$msg = '';
if (!empty($UserName)) {
$sql = SELECT `AdminID`,`UserName` FROM `admin` WHERE
`UserName`='$UserName' and`Password`='$Password';
$result = mysql_query ($sql);
$row = mysql_fetch_object ($result);
$AdminId = $_SESSION['AdminID'];
if(isset($_SESSION['AdminID']))
$_SESSION['AdminID'] = $_SESSION['AdminID'];
else
$_SESSION['AdminID'] = $AdminID;
If (mysql_num_rows($result) 0) {
$_SESSION['AdminLogin'] = true;
$_SESSION['user']=$UserName;
$_SESSION['AdminID']=$AdminID;
header ('Location: Main.php');
exit;
} else {
On Fri, Jan 30, 2009 at 4:20 PM, Terion Miller webdev.ter...@gmail.comwrote:
Think I'm setting this in the wrong place...someone help ...where do I set
the AdminID session
if (isset($_POST['UserName'])) {$UserName = $_POST['UserName'];} else
{$UserName = '';}
if (isset($_POST['Password'])) {$Password = $_POST['Password'];} else
{$Password = '';}
$msg = '';
if (!empty($UserName)) {
$sql = SELECT `AdminID`,`UserName` FROM `admin` WHERE
`UserName`='$UserName' and`Password`='$Password';
$result = mysql_query ($sql);
$row = mysql_fetch_object ($result);
if (isset($_POST['AdminID'])) {$AdminID = $_POST['AdminID'];} else
{$AdminID= '';}
If (mysql_num_rows($result) 0) {
$_SESSION['AdminLogin'] = true;
$_SESSION['user']=$UserName;
$_SESSION['AdminID']=$AdminID;
header ('Location: Main.php');
exit;
} else {
[PHP] Re: Session won't pick up one variable
Terion Miller wrote:
Well I changed it because it's not a post since its not coming from a form
is this closer?
if (!empty($UserName)) {
Why are you doing this? Only to see if 0 rows are returned? You can
use the results you know.
$sql = SELECT `AdminID`,`UserName` FROM `admin` WHERE
`UserName`='$UserName' and`Password`='$Password';
$result = mysql_query ($sql);
$row = mysql_fetch_object ($result);
Do you maybe mean $row['AdminID']? Well you're using objects now so
$row-AdminID?
$AdminId = $_SESSION['AdminID'];
What in the hell are you doing here? If it's set then set it again to
equal itself?
if(isset($_SESSION['AdminID']))
$_SESSION['AdminID'] = $_SESSION['AdminID'];
else
$_SESSION['AdminID'] = $AdminID;
If (mysql_num_rows($result) 0) {
$_SESSION['AdminLogin'] = true;
$_SESSION['user']=$UserName;
$_SESSION['AdminID']=$AdminID;
header ('Location: Main.php');
exit;
} else {
You either need to get a good PHP book or pay much closer attention to
what you're doing. Many more problems, but those seem to cause your
issue. This is not complete but seems to be the structure you need:
session_start();
include(inc/dbconn_open.php);
if (!empty($_POST['UserName']) !empty($_POST['Password'])) {
$UserName = $_POST['UserName'];
$Password = $_POST['Password'];
$sql = SELECT `AdminID`,`UserName` FROM `admin` WHERE
`UserName`='$UserName' and`Password`='$Password';
$result = mysql_query ($sql);
$row = mysql_fetch_object ($result);
If (mysql_num_rows($result) 0) {
$_SESSION['AdminLogin'] = true;
$_SESSION['user'] = $UserName;
$_SESSION['AdminID'] = $row-AdminID;
header ('Location: Main.php');
exit;
} else {
--
Thanks!
-Shawn
http://www.spidean.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
