PHP - Assigning A Session To A Variable , Twice!?

Hello Everyone,

I am new to forum and could use some help with some php code that isn't working.  I am very new to php/html/javascript and all of what I have learned, I learned from forums like this one so first....thank you!

I am trying to assign a value from a php variable to the value of my form element.  I'm sure there must be a way to do this but I can't seem to get the syntax right.  here is my code...

first I set the value of $loginname elsewhere in the script like so...

<?php
$loginname =strtolower(htmlspecialchars(strip_tags($_GET["loginname"])));
?>
This part works fine..

Then I try to set the value of my hidden text field inside the form to the value of $loginname to be passed to a javascript program.  Everything works except that the value passed ends up being <?echo and not the expected user name inside of $loginname.

<?php

echo '<form name ="currentactivity" Id="currentactivity" action="<?php'.htmlspecialchars($_SERVER['PHP_SELF']).'?>"      method="post">';

echo '<fieldset><legend><b>Your Current Activity Information</b></legend>';
echo '<input type="text" name="loginnm"  style="visibility: hidden" value="<?php echo $loginname;?>">';

echo "<label for='myactivities'>Activity Name:</label>";

 
echo "<select name='myactivities' Id='myactivities' onchange=\"showdetails(this.form)\" value=''>";
echo "<option value = 'Select an activity'>Select an activity</option>";
for ($i = 1; $i <=$rowcount; $i++) {
   echo"<option value=$row[activity_name]>$row[activity_name] </option>";
   
   $row = mysql_fetch_array($result);
}
       
echo "</select>";
 
echo '</fieldset>';

echo '</form>';
?>

Please note..the rest of the code is working perfectly, it is just this one value I can't seem to get.
Any help you can give will be greatly appreciated. 

Okay, really newbie question, but for this code...
Code: [Select]
<!-- Gender -->
<label for="gender">Gender:</label>
<select id="gender" name="gender">
<option value="">--</option>
<option value="F">Female</option>
<option value="M">Male</option>
</select>

1.) How do I assign a variable to this?

2.) How do I make this "sticky"?


Here is how I have usually done other form types...
Code: [Select]
<!-- First Name -->
<label for="firstName">First Name:</label>
<input id="firstName" name="firstName" type="text" maxlength="30"
value="<?php if(isset($firstName)){echo htmlentities($firstName, ENT_QUOTES);} ?>" /><!-- Sticky Field -->
<?php
if (!empty($errors['firstName'])){
echo '<span class="error">' . $errors['firstName'] . '</span>';
}
?>


Oh, by the way, at the top of my PHP file I have this code...
Code: [Select]
if ($_SERVER['REQUEST_METHOD']=='POST'){
// Form was Submitted (Post).

// Initialize Errors Array.
$errors = array();

// Trim all form data.
$trimmed = array_map('trim', $_POST);

Thanks,


Debbie

I am facing problem to execute query by assigning NULL value to a variable and then executing query.In MySQL DB four fields Mobile,landline, pincode,dob are set as integer and date(for dob) respectively.The default is set as  NULL and NULL option is selected as yes.All these fields are not mandatory.The problem is that when I edit the form my keeping the value as empty in DB these are saved as 0, 0 , 0 & 0000-00-00 inspite of Null. I have tried everything but still the defect persist. Please help me to come out of the problem 

The code, I have used:

<?php
//require_once 'includes/config.php';

      $dbusername = $_POST['email'];
        $dbfirstname = $_POST['first_name'];
        $dblastname = $_POST['last_name'];
        //$dbmobile_number = $_POST['mobile'];
      if (isset($_POST['mobile']))
      
      {
         $dbmobile_number = $_POST['mobile'];
         
      }
       
      else
      
      {
         $dbmobile_number = "NULL";
         
      }
            
      $dblandline_number = $_POST['landline'];
        $dbdob = $_POST['dob'];
      
      if(isset($_POST['is_email']))
      {
         $dbSubscribe_Email_Alert = '1';
      }
      else
      {
         $dbSubscribe_Email_Alert = '0';
      }
      
      if(isset($_POST['is_sms']))
      {
         $dbSubscribe_SMS = 0;
      }
      else
      {
         $dbSubscribe_SMS = 0;
      }
       
      
        $dbAddress_firstname = $_POST['shipping_first_name'];
        $dbAddress_lastname = $_POST['shipping_last_name'];
        $dbAddress = $_POST['shipping_address'];
        $dbcity = $_POST['shipping_city'];
        $dbpincode = $_POST['shipping_pincode'];
        $dbstate = $_POST['shipping_state'];
        $dbcountry = $_POST['shipping_country'];
      
      echo "Welcome".$dbusername;

//if($_POST['btnSave'])

      //if ($_POST['btnSave'])

//{
   
   //echo "Inside query loop";
$connect = mysql_connect("localhost","root","") or die("Couldn't connect!");
mysql_select_db("salebees") or die ("Couldn't find DB");

//$query = mysql_query("SELECT * FROM users WHERE username='$username'");

$query = mysql_query("update users set firstname = '$dbfirstname', lastname = '$dblastname', mobile_number = '$dbmobile_number', landline_number = '$dblandline_number', dob = '$dbdob', Subscribe_Email_Alert = '$dbSubscribe_Email_Alert', Subscribe_SMS = '$dbSubscribe_SMS',  Address_firstname = '$dbAddress_firstname', Address_lastname = '$dbAddress_lastname', Address = '$dbAddress', city = '$dbcity', pincode = '$dbpincode', state = '$dbstate', country = '$dbcountry'      where username = '$dbusername' ");

header("location:my_account.php");


//}

//else

//{
//die();

//}


?>

hey guys,
I'm quite new to PHP and i was wondering if someone would be able to help me out with this.
The code i have checks the database to see if a user has provided a Vimeo ID. If they haven't, $video_check will equal a line of html that says the user hasn't added any videos to their portfolio. If the a vimeo ID is present, i want $video_check to equal a bunch of html and css with a foreach function inside that is used to display the users videos from vimeo.
The foreach function works fine when its not assigned to the $video_check variable. How do i structure it so that it displays correctly?

If you click on videos on this page you might get a better idea of what i'm talking about.
http://www.myfilmportfolio.ie/profile.php?id=33

and here is the code i'm having the problem with:

///////  check if user has provided vimeo id  //////////////////////////
$vimeoID = $row["vimeoID"];   
$video_check='';
if (empty($vimeoID)){
     $video_check = '<h3>'.$firstname .' has not added any videos to their portfolio</h3>';
     }
     else{
     $video_check = '<div id="stats">
                    <div style="clear: both;"></div>
               </div>
               <div id="wrapper">
               <div id="embed"></div>
                         <div id="thumbs">
               <ul>
               <?php foreach ($videos->video as $video): ?>
                    <li>
                                        <h4><?=$video->title?></h4>
                    <a href="<?php echo $video->url ?>">
                    <img src="<?php echo $video->thumbnail_medium ?>" class="thumb" /></a>
                    <p><?=$video->description?></p>
                                             <br />
                    </li>
                    <?php endforeach ?>
               </ul>
               </div>
            </div>';
   }


if anyone could help me out id really appreciate it.
Cheers,
G

My login script stores the user's login name as $_SESSION[ 'name'] on login. For some unapparent reason, i'm getting errors stating that $user  and $priv are  undefined variables, though I've attempted to define $user as being equal to $_SESSION['name'], using $user to look up the the user's privilege level (stored as the su column ) in the SQL table, and then where the result of the sql query is $priv which is then evaluated in an if statement. I can't seem to figure out why this might not be working.

The code I'm using:

<?php
session_start();
function verify() {
	//verify that the user is logged in via the login page. Session_start has already been called. 
	if (!isset($_SESSION['loggedin'])) {
	header('Location: /index.html'); 
	exit;
	}
	//if user is logged in, we then lookup necessary privleges. $_SESSION['name'] was written with the login name upon login. Privleges   // are written in db as a single-digit integer of of 0 for users, 1 for administrators, and 2 for special users. 
        $user === $_SESSION['name'];
    //Connect to Databse
	$link = mysqli_connect("127.0.0.1", "database user", "password", "database");
	if (!$link) {
  	  echo "Error: Unable to connect to MySQL." . PHP_EOL;
    	echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;
    	echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;
    	exit;
        }
        //SQL Statement to lookup privlege information. 
       if ($result = mysqli_query($link, "SELECT su FROM accounts WHERE username = $user", MYSQLI_STORE_RESULT)) {
         //LOOP TO CYCLE THROUGH SQL RESULTS AND STORE Privlege information as vairable $priv.
            while ($row = $result->fetch_assoc()) {
           $priv === $row["su"];
            }
        }
        // close SQL connection.
        mysqli_close($link);

 // Verify privleges and take action. Only a privlege of "1" is allowed to view this page. A privlege of "2" indicates special 
//accounts used in other scripts that have certain indermediate additional functions, but are not trusted administrators. 

        if ($priv !== 1) {
        echo $_SESSION['name'];
        echo "you have privlege level of $priv";
        echo "<br>";
        echo 'Your account does not have the privleges necessary to view this page';
        exit;
        }
        
}
verify();
?>

 

Hello everyone,

I can get Test 2 to successfully operate the if statement using a variable variable.

But when I try the same method using a session variable (Test 1) the if statement is not executed. Please could you tell me why the if statement in Test 1 is not being executed?

Code: [Select]

<?php
# TEST 1
$_SESSION[test_variable] = "abcd";
$session_variable_name = "_SESSION[test_variable]";
if ($$session_variable_name == "abcd")
{
echo "<br>line 373, abcd<br>";
}

# TEST 2
$test_variable = "efgh";
$test_variable_name = "test_variable";
if ($$test_variable_name == "efgh")
{
echo "<br>line 379, efgh<br>";
}

?>
Many thanks,

Stu

I get the following error when I try to pass a value to a methiod in a loop:

Warning: Attempt to assign property of non-object in /Users/staceyschaller/Sites/dev_zone/ckwv2/classes/class.php on line 670

This one has me very baffled. It will work the first time, and seems to work every other time, so I have no clue what is wrong. Here is the code:

This code is part of my "display" class:

function display_partner ($type,$loc,$rand=0,$narrow=0) {
$this->partners = new partner($this->cxn);
$display = '
<div id="cont_info" class="partner-list">
<div>
<h3 class="settings">'.ucfirst($loc).' '.ucfirst($type).last_letter($type).'s</h3>
</div>
<div class="settings-value" style="height:12px;padding:0;margin:0;text-align:right;padding-right:10px;">
<a href="" class="trunc">Add your organization to this list</a></p>
</div>
<div style="height:2px;padding:0;margin:0;">
<hr class="account" />
</div>
';
$ids = $this->partners->get_partners_list($type,$loc,$rand);
for ($b=0;$b<sizeof($ids->id);$b++) {
$this->partnerID = $ids->id[$b];
$display .= ($narrow)? $this->card_partner_narr():$this->card_partner();
if ($b!=(sizeof($ids->id)-1)) { $display .= '<hr class="account" />'; }
}

if (sizeof($ids->id)==0) {
$display .= '<div style="color:#999999;display:line;text-align:center;height:20px;">No Partners found for '.ucfirst($loc).' '.ucfirst($type).'</div>';
}

$display .= '
</div>';

return $display;

}

function card_partner () {
$this->partners->set_partner_id($this->partnerID);
$part_info = $this->partners->get_partner_info();
if ($part_info) {
$display .= '
<table class="settings">
<tr>
'.$this->show_if($part_info['partLogo']['val'],'<td class="settings-value" rowspan="2"><img src="'.LOGO_FOLDER.$part_info['partLogo']['val'].'" '.resize_img(LOGO_FOLDER.$part_info['partLogo']['val'],175).'alt="'.$part_info['partName']['val'].'" /></td>').'
<td class="settings-value" colspan="2"><h5>'.$part_info['partName']['val'].'</h5></td>
</tr>
<tr>
<td class="settings-value">
<span style="color:999999;">'.$part_info['partAddress']['val'].'<br />
'.$part_info['partCity']['val'].', '.$part_info['partST']['val'].' '.$part_info['partZIP']['val'].'<br />
'.$part_info['partPhone']['val'].'</span><br />
<a href="'.$this->form->show_href($part_info['partWeb']['val']).'" target="_blank">'.$part_info['partWeb']['val'].'</a>
</td>
<td class="settings-value">'.$part_info['partInfo']['val'].'</td>
</tr>
</table>
';
}

return $display;
}



This code is part of my "partners" class:

function set_partner_id($partID) {
echo '<p>partID: '.$partID.' '.gettype($partID).'<br>
$this->partner->id: '.$this->partner->id.'</p>';
$this->partner->id = $partID; ///*** ERROR HAPPENS HERE ***/
echo '<p>id set: '.$this->partner->id.'<br>
$this->partner->id: '.$this->partner->id.'</p><hr>';
}

function get_partner_id() {
return $this->partner->id;
}

// gets user info at login
function get_partner_info() {
$this->partner = $this->cxn->proc_info('partner','partID',$this->partner->id);//$this->partner->id
return $this->partner;
}


The following is the output generated:

partID: 24 string
$this->partner->id:
id set: 24
$this->partner->id: 24

partID: 26 string
$this->partner->id:
Warning: Attempt to assign property of non-object in /Users/staceyschaller/Sites/dev_zone/ckwv2/classes/class.php on line 670
id set:
$this->partner->id:

partID: 17 string
$this->partner->id:
id set: 17
$this->partner->id: 17


partID: 25 string
$this->partner->id:
Warning: Attempt to assign property of non-object in /Users/staceyschaller/Sites/dev_zone/ckwv2/classes/class.php on line 670
id set:
$this->partner->id:

As you can see, the value passes to $this->set_partner_id($partID) each time. It is formatted as a string. When it assigns the value to $this->partner->id, however, sometimes it works, and sometimes it doesn't. It's probably something obvious, but I've racked my brain to see what it is. Any ideas?

Need help declaring some session variable guys.

I have a login form where the member enters his
1. Pilot Callsign
2. Password

I want to declare that Pilot Callsign as the session variable on authentication.

Using that Pilot Callsign session variable, I will fetch data from the database relevant to his profile.

I already have the whole login page coded along with the restricted access pages (not coded by me).

Check this out

1. Page is coded like this and working PERFECTLY
---

Code: [Select]
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['pilot_callsign'])) {
  $loginUsername=$_POST['pilot_callsign'];
  $password=$_POST['password'];
  
  mysql_select_db($database_brn_system, $brn_system);
  
  $LoginRS__query=sprintf("SELECT pilot_callsign, password, staff_level, firstname FROM pilots WHERE activated = 1 AND pilot_callsign=%s AND password=%s",
  GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $brn_system) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
    
    $loginStrGroup  = mysql_result($LoginRS,0,'staff_level');
    
if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;      
?>
---

2. As you can see, there already is a session variable declared for Pilot Callsign
But on the next page "Restricted Access Page", when I try to call this same Session Variable, it doesn't work.

I tried doing this
<?php echo $_SESSION['MM_Username'] ?>

Moreover, I even tried to fetch data from the table like this -

SELECT * FROM pilots WHERE pilot_callsign=$_SESSION['MM_Username']

Doesn't work 

Hi

I am using very simple code. Here it is

Code: [Select]
<?php
session_start();
$user = "guest";
$uid = "1";
echo $_SESSION['user']."<br />";
echo $_SESSION['uid'];
?>
it displays this error
Code: [Select]
Notice: Undefined index: user in C:\wamp\www\DealDash\index.php on line 5
Notice: Undefined index: uid in C:\wamp\www\DealDash\index.php on line 6
how can I solve this problem? Help please

I wonder whether someone can help me please.

I'm using the script below to create a page whereby users are presented with a list of image folders they have created. Clicking on any of the folders allows the user to drill down and view the individual images.

Code: [Select]
<?php session_start(); 

$_SESSION['username']=$_POST['username'];
$_SESSION['locationid']=$_POST['locationid'];
 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<?php 
  //This variable specifies relative path to the folder, where the gallery with uploaded files is located.
  $galleryPath = 'UploadedFiles/' . $_SESSION['username'] . '/' . $_SESSION['locationid'] . '/';
  
  $absGalleryPath = realpath($galleryPath) . DIRECTORY_SEPARATOR;  
  
  $descriptions = new DOMDocument('1.0');
  $descriptions->load($absGalleryPath . 'files.xml'); 
  
  $items = array();

  for ($i = 0; $i < $descriptions->documentElement->childNodes->length; $i++) {
    $xmlFile = $descriptions->documentElement->childNodes->item($i);
    $path = $xmlFile->getAttribute('name');
    $path = explode('/', $path);
    
    $t = &$items;
    for ($j = 0; $j < count($path); $j++) {
      if (empty($t[$path[$j]])) {
        $t[$path[$j]] = array();
      }
      $t = &$t[$path[$j]];
    }
    $t['/src/'] = $xmlFile->getAttribute('source');
    $t['description'] = $xmlFile->getAttribute('description');
    $t['size'] = $xmlFile->getAttribute('size');
  }
  
  $basePath = empty($_GET['path']) ? '' : $_GET['path'];
  if ($basePath) {
    $basePath = explode('/', $basePath);
    for ($j = 0; $j < count($basePath); $j++) {
      $items = &$items[$basePath[$j]];
    }
  }
  
  $files = array();
  $dirs = array();
  
  function urlpartencode(&$item, $index) {
    $item = rawurlencode($item);
  }
  
  foreach ($items as $key => $value) {
    if (isset($value['/src/'])) {
      $value['/src/'] = explode('/', $value['/src/']);
      array_walk($value['/src/'], 'urlpartencode');
      $value['/src/'] = implode('/', $value['/src/']);
      $files[] = array(
        'name' => $key,
        'src' => $value['/src/'],
        'description' => htmlentities($value['description'], ENT_COMPAT, 'UTF-8'),
        'size' => htmlentities($value['size'], ENT_COMPAT, 'UTF-8')
      ); 
    } else {
      $dirs[] = $key;
    }
  }
  
  $basePath = empty($_GET['path']) ? '' : $_GET['path'];
  $up = dirname($basePath);
  if ($up == '.') {
    $up = '';
  }
  
  sort($files);
  sort($dirs);
?>
<head>
  <title>View Image Folders</title>
  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
  <link href="Styles/style.css" rel="stylesheet" type="text/css" />
  <script src="Libraries/jquery/jquery-1.4.3.min.js" type="text/javascript"></script>
   <style type="text/css">
<!--
.style1 {
font-size: 14px;
margin-top: 5px;
margin-right: -50px;
}

-->
  </style>
<body style="font-family: Calibri; color:  #505050; margin-right: 160px; margin-left: -180px;">
<div align="right" class="style1"> <a href = "index.php" /> Add Images <a/> &rarr; <a href = "javascript:document.imagefolders.submit()"> View All Images </a> </div>
<form id="imagefolders" name="imagefolders" class="page" action="gallery.php" method="post" enctype="application/x-www-form-urlencoded"> 
   <div id="container">
  </div>
    <div id="center">
      <div class="aB">
        <div class="aB-B">
          <?php if ('Uploaded files' != $current['title']) :?>
          <?php endif;?>
          <div class="demo">
  <input name="username" type="hidden" id="username" value="IRHM73" />
          <input name="locationid" type="hidden" id="locationid" value="1" />
            <div class="inner">
              <div class="container">
                <div class="gallery">
                  <table class="gallery-link-table" cellpadding="0" cellspacing="0">
                    <thead>
                      <tr class="head">
                        <th class="col-name">
                          Name
                        </th>
                        <th class="col-size">
                          Size
                        </th>
                        <th class="col-description">
                          Description
                        </th>
                      </tr>
                    </thead>

                    <tbody>
                      <tr class="directory odd">
                        <td class="col-name">
                          <a href="?path=<?php echo rawurlencode($up); ?>">..</a>
                        </td>
                        <td class="col-size">
                        </td>
                        <td class="col-description">
                        </td>
                      </tr>
                      <?php $i = 1; ?>
                      <?php foreach ($dirs as $dir) : ?>
                      <tr class="directory <?php $i++; echo ($i % 2 == 0 ? 'even' : 'odd'); ?>">
                        <td><a href="?path=<?php echo rawurlencode(($basePath ? $basePath . '/' : '') . $dir); ?>"><?php echo htmlentities($dir, ENT_COMPAT, 'UTF-8'); ?></a></td>
                        <td>Folder</td>
                        <td></td>
                      </tr>
                      <?php endforeach; ?>
                      <?php foreach ($files as $file) : ?>
                      <tr class="<?php $i++; echo ($i % 2 == 0 ? 'even' : 'odd'); ?>">
                        <td><a target="_blank" href="<?php echo $galleryPath . $file['src']; ?>"><?php echo htmlentities($file['name'], ENT_COMPAT, 'UTF-8'); ?></a></td>
                        <td><?php echo htmlentities($file['size'], ENT_COMPAT, 'UTF-8'); ?></td>
                        <td><?php echo htmlentities($file['description'], ENT_COMPAT, 'UTF-8'); ?></td>
                      </tr>
                      <?php endforeach; ?>
                    </tbody>
                  </table>
                </div>
              </div>
            </div>
          </div>
        </div>
      </div>
  </div>
        </div>
      </div>
    </div>
</form>
</body>
</html>
I can create the list of folders, but when I click on any of these, instead of being able to view the images, I receive the following error:
Quote

Warning: DOMDocument::load() [domdocument.load]: I/O warning : failed to load external entity "/homepages/2/d333603417/htdocs/development/UploadedFiles/files.xml" in /homepages/2/d333603417/htdocs/development/imagefolders.php on line 16

Warning: Invalid argument supplied for foreach() in /homepages/2/d333603417/htdocs/development/imagefolders.php on line 52


Line 16 is this line Code: [Select]
$descriptions->load($absGalleryPath . 'files.xml'); and line 52 is this Code: [Select]
foreach ($items as $key => $value){
However, if I change this line Code: [Select]
$galleryPath = 'UploadedFiles/' . $_SESSION['username'] . '/' . $_SESSION['locationid'] . '/'; to
Code: [Select]
$galleryPath = 'UploadedFiles/' . 'IRHM73' . '/' . '1' . '/'; i.e. replacing the 'Session Variables' with the actual values, the page works.

I've been working on this for days now, and I just can't find the solution. I just wondered whether someoen could perhaps have a look at this and let me know where I'm going wrong.

Many thanks and regards

hi all , i am working on a script which is oop driven and i m not much familiar with it, i appericiate if someone can help me to solve this problem , so basicaly current script is only setting one session variable to true if user login $_SESSION['is_successful_login']  , here is my code
<?php
include('files/db.php');
class ajaxLoginModule  {
  private $timeout         = null;
  private $target_element  = null;
  private $wait_text       = null;
  private $form_element    = null;
  private $wait_element    = null;
  private $notify_element  = null;
   
  function __construct() {
     include ('config.php'); 
 $msql  = new Db;
 $msql->connect();
 $this->is_login();
  } 
  function get_config() {
 $this->set_ajax_config();
  } 
  function set_ajax_config() {
     $this->timeout         = AJAX_TIMEOUT;
     $this->target_element  = AJAX_TARGET_ELEMENT;
     $this->wait_text       = AJAX_WAIT_TEXT;
 $this->wait_element    = AJAX_WAIT_ELEMENT;
     $this->notify_element  = AJAX_NOTIFY_ELEMENT;
     $this->form_element    = AJAX_FORM_ELEMENT;
  }
  function initLogin($arg = array()) {
 $this->get_config();
 $this->login_script();     
  }
  function initJquery() { 
 return "<script type='text/javascript' src='files/jquery-1.3.2.min.js'></script>";
  }
  function login_script() { 
 include ('files/login_script.php');
  }
  function is_login() {
      if(isset($_POST['username']))  {
     $username   = $_POST['username'];
 $password   = $_POST['password'];
 $strSQL = "SELECT * FROM ".USERS_TABLE_NAME."
    WHERE username ='$username' AND password = '$password'
   ";
        $result  = mysql_query ($strSQL); 
$row     = mysql_fetch_row($result);
   /*
//THIS IS WHAT I NEED
$_SESSION['user'] = $row['username'];
 $_SESSION['id'] = $row['id'];
*/
$exist   = count($row);
if($exist >=2) { $this->jscript_location();  } 
else { $this->notify_show();}
exit;
  }   
  }
  function notify_show() {
    echo "<script>$('.".AJAX_NOTIFY_ELEMENT."').fadeIn();</script>";
  }
  function jscript_location() {
    $this->set_session();
    echo "<script> $('#container').fadeOut();window.location.href='".SUCCESS_LOGIN_GOTO."'</script>";
  }
  function set_session() {
      session_start();
  $_SESSION['is_successful_login'] = true;

  }    
  
}  
?>  

i comment that line what i need is username and id to store in those session variables

$_SESSION['user'] = $row['username'];
 $_SESSION['id'] = $row['id']

 i tried to add code in  function set_session but did not helped, appreciate  for any help.

Thanks

I'm using Session variables for the first time on a site I'm developing. I had it working fine while I was doing some admin and testing in subfolders. But the problem is I'm losing the session variables when I load the page from www.example.com, but it works from www.example.com/index.php. I would be happy to post some code if needed.

Currently I am adding the concept of "entitlements" to my website.

In the past, my "article.php" script would simply look to the URL for which article was being requested and then load it.  However now that I am also adding the concept of "premium content" for "paid members", I need a way to control who sees what.

What I am wondering is - from a security standpoint - how much information I should load into the $_SESSION variable.

For instance, right now when a user logs in, I think I just store the "memberID" and "FirstName" and possibly "Username".

It would be more efficient when a Member logs in to also retrieve their "Membership Plan" and store that in the $_SESSION variable, so that as they browse my website, each page can simply grab $_SESSION['MembershipPlan'] and run that through a function that I need to build and then determine if the user gets to access said page.

However, maybe it would be more secure to have it so when a user lands on page XYZ, I would look at their "memberID" and query the database to get their "MembershipPlan"?

Any thoughts on each approach?

Again, my main concern is *security*, but I also suppose this plays into "performance".

 

 

Hey guys, been awhile since I have been here, but I hit a little issue in reading session data reliably every time.

What I am doing is reading the variables and values from a rarurlencoded string.
Then putting that into a session array to populate parts of a form and fill in some hidden fields.
After the form posts every now and then, about 1 in 50 or so attempts, I have one (always the same one) that just vanishes.

Anyone ever experience anything like this?

page.php
<a href="cart.php?action=add&id=38">

cart.php

session_start();
$cart = $_SESSION['cart'];

$action = $_GET['action'];

switch ($action) {
   case 'add':
if ($cart)
   $cart =$cart. ','.$_GET['id'];
   else
      $cart = $_GET['id'];
}


$_SESSION['cart'] = $cart;
echo $cart;
output:
 Insted of one time it adds the id two times.

It prints : 38,38.
can pls suggest me what's problem in the code. Thank's in advance.